www.carmax.com Open in urlscan Pro
2a02:26f0:7100:8ad::1c4e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.carmax.com/car/24372992
Submission: On August 20 via manual (August 20th 2023, 8:40:31 pm UTC) from US — Scanned from DE

Summary HTTP 214 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 25 domains to perform 214 HTTP transactions. The main IP is 2a02:26f0:7100:8ad::1c4e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.carmax.com. The Cisco Umbrella rank of the primary domain is 48420.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 31st 2023. Valid for: 5 months.

This is the only time www.carmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 86	2a02:26f0:710... 2a02:26f0:7100:8ad::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.24.153.248 52.24.153.248	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:980::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a02:26f0:710... 2a02:26f0:7100:1b7::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.30.115.249 52.30.115.249	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	63.35.31.5 63.35.31.5	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.164 63.140.62.164	16509 (AMAZON-02) (AMAZON-02)
1 1	176.34.146.86 176.34.146.86	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.107 66.235.152.107	16509 (AMAZON-02) (AMAZON-02)
9	2a02:26f0:710... 2a02:26f0:7100:8b5::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
8	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:21f... 2600:9000:21f3:6a00:1:fb61:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2013	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	52.28.12.14 52.28.12.14	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
14	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	23.218.208.116 23.218.208.116	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:445... 2600:1f18:4457:4600:9645:6f60:3267:cdfb	() ()
214	35

86 2a02:26f0:7100:8ad::1c4e (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.153.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-153-248.us-west-2.compute.amazonaws.com

ethn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:980::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179912.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:7100:1b7::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.115.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.31.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-31-5.eu-west-1.compute.amazonaws.com

carmaxbusinessservicesllc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-164.data.adobedc.net

carmax.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.146.86 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-146-86.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-107.data.adobedc.net

carmax.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:7100:8b5::1c4e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img2.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6a00:1:fb61:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ping.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.12.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-12-14.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-116.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4457:4600:9645:6f60:3267:cdfb (None, )

ASN- ()

api.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	carmax.com 1 redirects www.carmax.com — Cisco Umbrella Rank: 48420 img2.carmax.com — Cisco Umbrella Rank: 57584	10 MB
16	qualtrics.com zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com — Cisco Umbrella Rank: 72204 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1057 sjc1.qualtrics.com — Cisco Umbrella Rank: 10681	77 KB
13	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 506	166 KB
12	google.de www.google.de — Cisco Umbrella Rank: 5345	1 KB
12	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2706	1 KB
12	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 122 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	12 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	562 KB
8	bing.com bat.bing.com — Cisco Umbrella Rank: 412	26 KB
7	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2465 rs.fullstory.com — Cisco Umbrella Rank: 2314	88 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	303 B
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3965 gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 2338	27 KB
3	pdst.fm ping.pdst.fm — Cisco Umbrella Rank: 26972	119 B
3	omtrdc.net carmax.sc.omtrdc.net — Cisco Umbrella Rank: 67344 carmax.tt.omtrdc.net — Cisco Umbrella Rank: 68926	9 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	22 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 240 carmaxbusinessservicesllc.demdex.net — Cisco Umbrella Rank: 84429	5 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 157	4 KB
2	agkn.com d.agkn.com — Cisco Umbrella Rank: 907	1 KB
2	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2760	576 B
2	levelaccess.net cdn.levelaccess.net — Cisco Umbrella Rank: 16256 api.levelaccess.net	62 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	135 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1498 c.go-mpulse.net — Cisco Umbrella Rank: 679	53 KB
1	akstat.io 02179912.akstat.io — Cisco Umbrella Rank: 71578	202 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125	401 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1280	517 B
1	ethn.io ethn.io — Cisco Umbrella Rank: 45938	637 B
214	25

	Domain	Requested by
55	www.carmax.com	www.carmax.com s.go-mpulse.net
40	img2.carmax.com	1 redirects www.carmax.com edge.fullstory.com
13	siteintercept.qualtrics.com	zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com edge.fullstory.com siteintercept.qualtrics.com
13	assets.adobedtm.com	www.carmax.com assets.adobedtm.com
12	www.google.de	www.carmax.com
11	www.google.com	2 redirects www.carmax.com
10	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
8	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
8	bat.bing.com	www.carmax.com bat.bing.com
5	www.facebook.com
4	rs.fullstory.com	s.go-mpulse.net edge.fullstory.com
3	ping.pdst.fm
3	edge.fullstory.com	www.carmax.com s.go-mpulse.net rs.fullstory.com
3	www.google-analytics.com	assets.adobedtm.com www.google-analytics.com
2	sjc1.qualtrics.com
2	www.googleadservices.com	www.googletagmanager.com
2	d.agkn.com
2	pt.ispot.tv
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	connect.facebook.net	www.carmax.com connect.facebook.net
2	carmax.sc.omtrdc.net	s.go-mpulse.net
2	stats.g.doubleclick.net	s.go-mpulse.net www.googletagmanager.com
2	dpm.demdex.net	assets.adobedtm.com www.carmax.com
1	api.levelaccess.net	edge.fullstory.com
1	02179912.akstat.io	s.go-mpulse.net
1	region1.analytics.google.com	www.googletagmanager.com
1	zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com	www.carmax.com
1	pagead2.googlesyndication.com	edge.fullstory.com
1	mug.criteo.com
1	dynamic.criteo.com	assets.adobedtm.com
1	cdn.levelaccess.net	assets.adobedtm.com
1	carmax.tt.omtrdc.net	s.go-mpulse.net
1	cm.everesttech.net	1 redirects
1	carmaxbusinessservicesllc.demdex.net	assets.adobedtm.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.carmax.com
1	ethn.io	www.carmax.com
214	37

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
socialresponsibility.carmax.com
foundation.carmax.com
media.carmax.com
investors.carmax.com
careers.carmax.com

Subject Issuer	Validity	Valid
www.carmax.com GeoTrust RSA CA 2018	`2023-07-31` - `2024-01-03`	5 months	crt.sh
*.ethn.io R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-29` - `2023-08-27`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-07-18` - `2023-10-16`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
cdn.levelaccess.net Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
ping.pdst.fm GTS CA 1D4	`2023-06-28` - `2023-09-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.ispot.tv R3	`2023-07-13` - `2023-10-11`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
api.levelaccess.net Amazon RSA 2048 M02	`2023-03-01` - `2024-01-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.carmax.com/car/24372992
Frame ID: 2EE8405E8F9B1F0CB7373200369CD150
Requests: 217 HTTP requests in this frame

Frame: https://carmaxbusinessservicesllc.demdex.net/dest5.html?d_nsid=0
Frame ID: 5264033B56654E1827904FFD59676DA5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag
Frame ID: 1C30DF842D82B622C8F57FB3F71F0DC8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Used 2021 Toyota Tacoma in Norcross, GA | CarMaxChat Bubble Icon

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

214
Requests

97 %
HTTPS

60 %
IPv6

25
Domains

37
Subdomains

35
IPs

6
Countries

12011 kB
Transfer

18350 kB
Size

42
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/carmax
Title: CarMax Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/carmax
Title: CarMax Twitter

Search URL Search Domain Scan URL

URL: https://socialresponsibility.carmax.com/
Title: Social responsibility

Search URL Search Domain Scan URL

URL: https://foundation.carmax.com/
Title: CarMax Foundation

Search URL Search Domain Scan URL

URL: http://media.carmax.com/
Title: Media center

Search URL Search Domain Scan URL

URL: http://investors.carmax.com/
Title: Investor relations

Search URL Search Domain Scan URL

URL: https://careers.carmax.com/us/en
Title: Search Jobs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=02172832403053156674496047423589377373 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOJ6NwAAAHCzggNe

Request Chain 86

https://img2.carmax.com/img/vehicles/24372992/1/1600.jpg HTTP 301
https://img2.carmax.com/img/vehicles/24372992/1.jpg?width=1600

Request Chain 130

https://gum.criteo.com/sid/json?origin=onetag&domain=carmax.com&sn=ChromeSyncframe&so=0&topUrl=www.carmax.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=FYvqYnx3dXUwWW53S2tVQkJxdWpPM0NoRUEvRXJuWktQZmJiM2EwOHpZRWIrUTdtTXdqYXloV21tQ3YvUGErUGU2RWtzcHNaVUUxOTdlZ09SV213RUJmQ1BEVzI5cjM2MnhsN2wwL1F3SnQ1VytTa3ZUa3kwQXdoKytqR2FNdERLaVJycjdCRk9lWGlVMXhUdnMwQ05MZlJSdjVKR1F1N3BLQ09jcFFyOE5nQzYyS1BtSVZSdkVRMVFyNFE5L0xNNlg1YmJFb3RNVGpwRGVHRk9IK3RTUEJYajZSVHBEVTgyZ0xDUTdCbXJLSnArdlloL0UzK2FuczVQdGFkVTNGY09XR1h2Y3BNLzRzTHdadHlPZUdSTkd6Z0JGUT09fA&cppv=2

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OHriZJ7VGo2C7_UPlKKfuAk&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnFaamdhMkN1Q2w5REJoTUFvc0VuVlA5ejROTGtaOURjcHdlcTZKMURoWFBwNnVXbkVPN19ZWSITCJ7RvquM7IADFQ3BuwgdFNEHlw HTTP 302
https://www.google.com/pagead/1p-conversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnFaamdhMkN1Q2w5REJoTUFvc0VuVlA5ejROTGtaOURjcHdlcTZKMURoWFBwNnVXbkVPN19ZWSITCJ7RvquM7IADFQ3BuwgdFNEHlw&is_vtc=1&ocp_id=OHriZJ7VGo2C7_UPlKKfuAk&cid=CAQSKQBpAlJWMndDw6cgXEenmvTlZJZobW2DJEguaNV1_Y8nRsZkmEGT_a12&random=241214088 HTTP 302
https://www.google.de/pagead/1p-conversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnFaamdhMkN1Q2w5REJoTUFvc0VuVlA5ejROTGtaOURjcHdlcTZKMURoWFBwNnVXbkVPN19ZWSITCJ7RvquM7IADFQ3BuwgdFNEHlw&is_vtc=1&ocp_id=OHriZJ7VGo2C7_UPlKKfuAk&cid=CAQSKQBpAlJWMndDw6cgXEenmvTlZJZobW2DJEguaNV1_Y8nRsZkmEGT_a12&random=241214088&ipr=y

Request Chain 174

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OHriZIeZH4qC7_UPgMGioA8&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnNqWnVPSGczMnFRaVZ4ekVLX0ctUHNVQWRDUEZTQmNzTnB3MWNPWUtzQjBZcXI0MlNhNFF5YyITCIeVw6uM7IADFQrBuwgdgKAI9A HTTP 302
https://www.google.com/pagead/1p-conversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnNqWnVPSGczMnFRaVZ4ekVLX0ctUHNVQWRDUEZTQmNzTnB3MWNPWUtzQjBZcXI0MlNhNFF5YyITCIeVw6uM7IADFQrBuwgdgKAI9A&is_vtc=1&ocp_id=OHriZIeZH4qC7_UPgMGioA8&cid=CAQSKQBpAlJWeEDBEINBrcqImZhkTUl37z62yMw8aIS1l1g9ppJeemonqVB_&random=1709410876 HTTP 302
https://www.google.de/pagead/1p-conversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnNqWnVPSGczMnFRaVZ4ekVLX0ctUHNVQWRDUEZTQmNzTnB3MWNPWUtzQjBZcXI0MlNhNFF5YyITCIeVw6uM7IADFQrBuwgdgKAI9A&is_vtc=1&ocp_id=OHriZIeZH4qC7_UPgMGioA8&cid=CAQSKQBpAlJWeEDBEINBrcqImZhkTUl37z62yMw8aIS1l1g9ppJeemonqVB_&random=1709410876&ipr=y

214 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 24372992 Show response
www.carmax.com/car/ 50 KB
53 KB 419ms
320ms Document
text/html 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e8956342fc19ff4ae2ecf999bc570956c4965d72da221c51c76259587677e7dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 20 Aug 2023 20:40:22 GMT
etag: "0x8DBA0A6843C173E"
last-modified: Sat, 19 Aug 2023 11:22:04 GMT
server-timing: cdn-cache; desc=MISS edge; dur=244 origin; dur=42 ak_p; desc="1692564021966_34603373_22563786_27552_24259_6_34_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
timing-allow-origin: *
x-akamai-transformed: 9 46442 0 pmb=mTOE,3mRUM,2
x-azure-ref: 0NnriZAAAAAAcHitYxWPPR4Il7Aw9SrZ9Q0gxQUEyMDIwNjA5MDI3ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ms-request-id: 53f2d9f8-a01e-0040-41a6-d3cfa7000000
x-ms-version: 2018-03-28

GET
H2 200 hero.jpg
img2.carmax.com/assets/24372992/ 31 KB
31 KB 533ms
525ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/hero.jpg?width=800&height=450

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fe00417daf974a88fda7c29bd8a4f3928a312ed666bf6046d40d55dcd75703d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 08 Aug 2023 12:42:29 GMT
x-serial: 1036
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 31664
expires: Mon, 21 Aug 2023 20:40:22 GMT

GET
H2 200 main.css
www.carmax.com/shared/header-footer/full/css/ 76 KB
8 KB 75ms
74ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/header-footer/full/css/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

157e0bd7f3edcb69771df4f2f6a16cdfec633fccc3c5fd281d7e5568bc75b867

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022338_34603373_22564405_1049_18792_7_0_255";dur=1
content-length: 8239
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 17 Aug 2023 14:36:22 GMT
etag: "0x8DB9F2C897EC86D"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 main.js Show response
www.carmax.com/shared/saved-vehicles/saved-vehicles/full/js/ 71 KB
15 KB 42ms
40ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/saved-vehicles/saved-vehicles/full/js/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3cbea6ff8454ef59cee1bc5705f8bb0a0af11768b82a787076ccdd73c48c2fdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022450_34603373_22564629_552_11730_6_0_146";dur=1
content-length: 14689
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 17 Aug 2023 00:10:41 GMT
etag: "0x8D9D5DEE7B92A4C"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 lato-v16-latin-regular.woff2
www.carmax.com/shared/fonts/ 23 KB
23 KB 43ms
42ms Font
font/woff2 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 17 Aug 2023 14:16:17 GMT
etag: "0x8DB9F2C85BA84C4"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022336_34603373_22564408_768_11590_6_0_219";dur=1
timing-allow-origin: *
content-length: 23484
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 CarMaxSharpSansDisp-Bold.woff2
www.carmax.com/shared/fonts/ 51 KB
51 KB 35ms
34ms Font
font/woff2 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 17 Aug 2023 14:16:15 GMT
etag: "0x8DB9F2C847932F6"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022332_34603373_22564409_381_11508_6_0_219";dur=1
timing-allow-origin: *
content-length: 52120
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 lato-v16-latin-700.woff2
www.carmax.com/shared/fonts/ 22 KB
23 KB 40ms
39ms Font
font/woff2 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 17 Aug 2023 14:16:16 GMT
etag: "0x8DB9F2C851BEAE4"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1692564022330_34603373_22564410_434_14748_6_0_219";dur=1
timing-allow-origin: *
content-length: 22992
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 vendor.1e4948bd.css
www.carmax.com/car/assets/styles/ 191 KB
33 KB 73ms
72ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/vendor.1e4948bd.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8a48d03ef562f9248621464a6a0f309cc6402426257e74893c9a5aec9f6ac3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: Qs7L/vEE+ESGKWVmKXy7ZQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1692564022333_34603373_22564406_1682_10753_7_0_255";dur=1
content-length: 33501
last-modified: Tue, 08 Aug 2023 15:49:39 GMT
etag: "0x8DB938ED0F1D9E9"
vary: Accept-Encoding
x-azure-ref: 0EmTSZAAAAAAXdDjyi+UTS6LQGFZ6yBfMTU5aMjIxMDYwNjEyMDE3ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: text/css
x-frame-options: sameorigin
x-ms-request-id: 5758ade6-001e-0014-6c0f-ca80f0000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.6ad62c2b.css
www.carmax.com/car/assets/styles/ 30 KB
6 KB 75ms
75ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/main.6ad62c2b.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23f0ecff2a6fe8d7f3e2131ca104b37506c6043996844b28af67cddc466f63f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: k9lUI0brPXUxmn4NkBNXzg==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="1692564022333_34603373_22564407_2234_11344_7_0_255";dur=1
content-length: 5295
last-modified: Tue, 15 Aug 2023 17:50:36 GMT
etag: "0x8DB9DB6791A10C7"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20230815T175036Z-0wqtpt10n952f84m1k4sz1rg5g00000004u000000001dg1b
x-ms-request-id: 3a068d3d-701e-007c-04a0-cfe660000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 4148e3bf Show response
www.carmax.com/akam/13/ 26 KB
9 KB 263ms
262ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/akam/13/4148e3bf

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5a35d0d1d1ad17032ca2c71ff99ad6d80f017057c335fd63bee4551ee73b86eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 09 Feb 2022 15:13:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "ef62794da39981b64e6a72c08cc56f46b4bed61e6d4fba82aa4b105bfc076841"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
server-timing: cdn-cache; desc=HIT, edge; dur=207, ak_p; desc="1692564022475_34603373_22564630_23603_10876_6_0_146";dur=1
timing-allow-origin: *
content-length: 8760

GET
H2 200 main.js Show response
www.carmax.com/shared/header-footer/full/js/ 119 KB
23 KB 50ms
48ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/header-footer/full/js/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ccb110f94c8ba54dccbfe7d197eee701a5d7ba823cf14cd4f65f1c424de8e685

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022460_34603373_22564631_1480_19564_6_0_146";dur=1
content-length: 22905
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 17 Aug 2023 14:32:47 GMT
etag: "0x8DB9F2C89E9D6AD"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 pannellum.js Show response
www.carmax.com/car/assets/scripts/ 90 KB
19 KB 42ms
41ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/pannellum.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf0c411f714a04aa04ddfb95f17dc6f71b9e2737807a06de756e096cba4b18c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: bsGT/2FUZrXnvI8QT5C8nA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1692564022451_34603373_22564632_924_11595_6_0_146";dur=1
content-length: 18374
last-modified: Tue, 08 Aug 2023 15:54:49 GMT
etag: "0x8DB938ED0F44A9F"
vary: Accept-Encoding
x-azure-ref: 0SWXSZAAAAAAowNu9yFVmQ4zlKxeh9WSeTU5aMjIxMDYwNjExMDQ3ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: db23fb5a-b01e-003e-5c10-ca5fe0000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 43718.js Show response
ethn.io/ 0
637 B 579ms
188ms Script
text/javascript 52.24.153.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ethn.io/43718.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.24.153.248 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-153-248.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

X-Runtime: 0.002815
Date: Sun, 20 Aug 2023 20:40:22 GMT
Strict-Transport-Security: max-age=0;
Referrer-Policy: same-origin
Content-Security-Policy: default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Server: nginx
X-Download-Options: noopen
Content-Type: text/javascript
Cache-Control: no-cache
Feature-Policy: camera 'none'; geolocation 'none', microphone *
Connection: keep-alive
Content-Length: 0
X-Request-Id: 8903ffb8-e249-41a1-a8aa-c23de0d34a5a

GET
H2 200 runtime.65c43632.js Show response
www.carmax.com/car/assets/scripts/ 4 KB
2 KB 51ms
50ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82c80d5979835694c0e24e4c21236690e2417fbe429bf571207e423fccef8f4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: VLa2SYjo27q3lrH6S1IlJA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1692564022460_34603373_22564633_1946_14871_6_0_146";dur=1
content-length: 1576
last-modified: Thu, 17 Aug 2023 16:37:04 GMT
etag: "0x8DB9F36C3DC8E7D"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20230817T163703Z-zdaagaeqax2059d6mf2vn246dn00000007v0000000009q3a
x-ms-request-id: 8654b97d-b01e-0001-4329-d19743000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vendor.03708e62.chunk.js Show response
www.carmax.com/car/assets/scripts/ 3 MB
605 KB 79ms
78ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3ce73d65cbeddb520aa9f693e1379018fc0ae2da95c10b10da0396c9d17b6cae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: 14HL5yM/Qg+7ULkIhEj9sQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=36, ak_p; desc="1692564022454_34603373_22564634_4431_21938_6_0_146";dur=1
content-length: 618602
last-modified: Tue, 15 Aug 2023 17:56:45 GMT
etag: "0x8DB9DB67A11E181"
vary: Accept-Encoding
x-azure-ref: 0VbzbZAAAAABmSKP3wxZKS7fq3noCRYkuREZXMzBFREdFMTUxNwA5NjQ1ZGViZC0zMTY1LTQzODktYTUwZi0wNmI3YWZmYjcxOTg=
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: 76bc0fa8-401e-0005-2fa1-cf1a44000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.7009e1bc.chunk.js Show response
www.carmax.com/car/assets/scripts/ 153 KB
34 KB 77ms
76ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/main.7009e1bc.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6409261546efacc5fd0a9030ecac28101ca540ef98e1cc9783b1d565a5bbbc3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: eBoY6VgmVwZPnQlqkmmdOQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=32, ak_p; desc="1692564022465_34603373_22564635_5065_14246_6_0_146";dur=1
content-length: 33763
last-modified: Tue, 15 Aug 2023 17:41:43 GMT
etag: "0x8DB9DB6794BC7FD"
vary: Accept-Encoding
x-azure-ref: 017jbZAAAAACYkyoGUK0yRb7P/vSpGRwFREZXMzBFREdFMTYwNwA5NjQ1ZGViZC0zMTY1LTQzODktYTUwZi0wNmI3YWZmYjcxOTg=
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: c7052cb1-101e-0018-5f9f-cf17f8000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 qfEwJNm4 Show response
www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/ 224 KB
85 KB 38ms
38ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/qfEwJNm4

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c60b5d79dfb0706547f46fd1e00e48456d4050d3cc50157bf27f52ea0f85a6f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Aug 2023 16:14:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "471429e29d8ee06b6ff478b3583ff18f57f4537fee9425f576ff7c9f446e4738"
stored-attribute-sha-checksum: c60b5d79dfb0706547f46fd1e00e48456d4050d3cc50157bf27f52ea0f85a6f1
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022410_34603373_22564555_829_9844_6_0_182";dur=1
timing-allow-origin: *
content-length: 86334

GET
H2 200 G44P5-SQM6J-DDMWR-2C333-A6FEA Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 39ms
8ms Script
application/javascript 2a02:26f0:480:980::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/car/24372992
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 07:22:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b44fec7e955719cd5a13d47130d55d9135ffcb16081d91fa30703b0ce4f94248

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js Show response
assets.adobedtm.com/ 639 KB
143 KB 83ms
36ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/car/24372992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c062deaf76d33dafb778c0f5728e20ac1e0cfd63e1da7a50dcdf2195c941513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0a63e2b43158fae89f0ebc13a2b97e33:1692376247.010877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 145924
expires: Sun, 20 Aug 2023 21:40:22 GMT

GET
H2 200 main.css
www.carmax.com/shared/saved-vehicles/saved-vehicles/full/css/ 17 KB
3 KB 38ms
38ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/saved-vehicles/saved-vehicles/full/css/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

333db8b1e78f48c5ef193ce6a8974cf3fc71b152b402e62231a993a8aaf174f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564022446_34603373_22564636_182_11332_6_0_109";dur=1
content-length: 2939
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 10 Aug 2023 02:52:05 GMT
etag: "0x8D9D5DEE7493B08"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

POST
H2 201 qfEwJNm4 Show response
www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/ 18 B
936 B 533ms
531ms XHR
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/qfEwJNm4

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/qfEwJNm4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
x_req_id: aa59c956-f371-4619-b8e0-cc7a2b8962bf
server-timing: edge; dur=4, origin; dur=496, cdn-cache; desc=MISS, ak_p; desc="1692564022530_34603373_22564738_50694_6665_7_0_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 21 KB
4 KB 97ms
63ms XHR
application/json 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=G44P5-SQM6J-DDMWR-2C333-A6FEA&d=www.carmax.com&t=5641880&v=1.720.0&sl=0&si=0a82fa6e-ca5d-412d-ab56-dd6476788495-rzpira&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=245985
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9c114a48864bd8b547cb7fcb951212c52f04dcd79108709f9fe48a7436c38e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 20:40:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 3682

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 384 B
1 KB 167ms
30ms XHR
application/json 52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=0C1038B35278345B0A490D4C%40AdobeOrg&d_nsid=0&ts=1692564022560

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3adead6368c693cef7ad42f71359d321dfe8db9eaaa542b760fa752d62e3e23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v050-0d440bd63.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: i1AuNy6zRdQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.carmax.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 322
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 34 KB
12 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
etag: "ade220db70aa3259d42f32d039757920:1689673134.025267"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12463
expires: Sun, 20 Aug 2023 21:40:22 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
etag: "051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sun, 20 Aug 2023 21:40:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 19:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3039
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 20 Aug 2023 21:49:43 GMT

GET
H2 200 RC3b64dcef9ed34ef3824e4c8988dacf20-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 568 B
599 B 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RC3b64dcef9ed34ef3824e4c8988dacf20-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3da148dabbdd5591d17ff80643b8ed9f65ea53804dc341b13dafcc644f617c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 342
expires: Sun, 20 Aug 2023 21:40:22 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Aug 2023 21:20:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=36905351&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&ul=en-us&de=UTF-8&dt=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIJAAAAACAMo~&jid=1654681813&gjid=289751268&cid=1181624589.1692564023&tid=UA-187672-9&_gid=131140975.1692564023&_r=1&_slc=1&z=138707844

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-187672-9&cid=1181624589.1692564023&jid=1654681813&gjid=289751268&_gid=131140975.1692564023&_u=aGDAAUIIAAAAACAMo~&z=1328202822

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Aug 2023 20:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 23.a967db71.chunk.js Show response
www.carmax.com/car/assets/scripts/ 233 B
733 B 38ms
38ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/23.a967db71.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff82e745b457a03c8dc6f962fae8f7478dfa985c0861d52d416b0677a66801a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:22 GMT
content-md5: 4MQmLDGcnMmFY0UYoLqYOA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=13, ak_p; desc="1692564022868_34603373_22565443_1240_12491_7_0_146";dur=1
content-length: 191
last-modified: Tue, 15 Aug 2023 17:56:42 GMT
etag: "0x8DB9DB6791FB544"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20230815T175642Z-63pxdg3knx15zeftmz8fm1udwn00000004tg00000002sv8q
x-ms-request-id: a726691a-c01e-001b-0ba1-cff69c000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 55ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-187672-9&cid=1181624589.1692564023&jid=1654681813&_u=aGDAAUIIAAAAACAMo~&z=2108379892

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 55ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-187672-9&cid=1181624589.1692564023&jid=1654681813&_u=aGDAAUIIAAAAACAMo~&z=2108379892

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
carmaxbusinessservicesllc.demdex.net/ Frame 5264 7 KB
3 KB 125ms
29ms Document
text/html 63.35.31.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://carmaxbusinessservicesllc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.31.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-31-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.carmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-0b6b5be26.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Iv5Hvmx2RiY=
content-encoding: gzip
date: Sun, 20 Aug 2023 20:40:22 GMT
last-modified: Wed, 28 Jun 2023 12:58:13 GMT
vary: accept-encoding

GET
H2 200 id Show response
carmax.sc.omtrdc.net/ 2 B
267 B 74ms
20ms XHR
application/x-javascript 63.140.62.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://carmax.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0C1038B35278345B0A490D4C%40AdobeOrg&mid=11203331148671682203668995204512356818&ts=1692564022885

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 20 Aug 2023 20:40:22 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.carmax.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZOJ6NwAAAHCzggNe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02172832403053156674496047423589377373
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOJ6NwAAAHCzggNe

42 B
942 B

32ms
31ms

Image
image/gif

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOJ6NwAAAHCzggNe

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0ae28a8cd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wFM84UgsTz4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOJ6NwAAAHCzggNe
Date: Sun, 20 Aug 2023 20:40:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
carmax.tt.omtrdc.net/rest/v1/ 33 KB
8 KB 131ms
44ms XHR
application/json 66.235.152.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://carmax.tt.omtrdc.net/rest/v1/delivery?client=carmax&sessionId=640082d188974000ac08c550e00b3cf7&version=2.5.0

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-107.data.adobedc.net

Software

jag /

Resource Hash

4b1c2b1bcf8c1242bb2da9c38492c762dabc688294505c10e62de81a43976abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: a2a0b10c-ccaf-4295-9642-e71d9ee963c6

GET
H2 200 featuretoggles Show response
www.carmax.com/car/api/ 51 B
919 B 557ms
556ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/featuretoggles

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cc01dd9740aea8c862aff612c37ac3516af1ad04d25876e0b512e552c6b0b5b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=467, origin; dur=42, ak_p; desc="1692564022942_34603373_22565603_51022_18237_10_0_219";dur=1
timing-allow-origin: *
content-length: 169
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 2021 Show response
www.carmax.com/car/api/reviews/Toyota/Tacoma/ 3 KB
2 KB 556ms
555ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/reviews/Toyota/Tacoma/2021

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ffa44a3baf687c8215413b249925730c842a13d5e320176f80e51d5c7c1d900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=442, origin; dur=18, ak_p; desc="1692564022955_34603373_22565605_47446_13916_6_0_219";dur=1
timing-allow-origin: *
content-length: 1788
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 404 low Show response
www.carmax.com/myaccount/token/svc/cookie/validate/ 33 B
838 B 281ms
281ms Fetch
text/plain 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/myaccount/token/svc/cookie/validate/low

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fb4b0288e6a42913d8d814e8231e35138e3d785c1ed7320a87f5a923f0c44225

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-azure-ref: 0N3riZAAAAAAvlTHBFyzrTaejSFGuKVRyQ0gxQUEyMDIwNjA5MDI5ADI4YTlmNjhhLWNkNDctNDlmNy1iODBiLTZlM2EwZmU0NzgxYw==
x-frame-options: sameorigin
content-type: text/plain; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=188, origin; dur=39, ak_p; desc="1692564022940_34603373_22565606_22708_14329_8_0_219";dur=1
timing-allow-origin: *
content-length: 33
request-context: appId=cid-v1:4fdfc076-2449-414b-ad51-c84addcf8417

POST
H2 200 aprscore Show response
www.carmax.com/car/api/ 62 B
982 B 828ms
827ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/aprscore

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5f24beb1ede103df25e539b10a6f7f305067960cff5b7e58c125b2a76c546a46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/json

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=413, origin; dur=341, ak_p; desc="1692564022972_34603373_22565656_75508_10589_7_0_219";dur=1
timing-allow-origin: *
content-length: 179
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 financerates Show response
www.carmax.com/car/api/finance/ 596 B
1 KB 493ms
493ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/finance/financerates

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

af1deaaf633efa94a89ffc9d1d3a250a352d1741bf8a7974dab0f156f662318b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=415, origin; dur=0, ak_p; desc="1692564022972_34603373_22565657_41688_16499_6_0_219";dur=1
timing-allow-origin: *
content-length: 333
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 hero.jpg
img2.carmax.com/assets/24372992/image/ 12 KB
12 KB 117ms
116ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/hero.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6bfb1d1e2652f3084b1c44c380d4d5580aa271d6d0297caa7854dc2a795ef142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Aug 2023 13:30:57 GMT
x-serial: 1158
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 12328
expires: Mon, 21 Aug 2023 20:40:23 GMT

GET
H2 200 CosmeticDetailsOverlay.svg
www.carmax.com/car/assets/images/ 33 KB
11 KB 80ms
80ms Image
image/svg+xml 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/CosmeticDetailsOverlay.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

422d2b29ab3ecd0d9f7efc46b3e49e3b0fee9694914394558156d9322db55a4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: /tAmp/Ce+qiUVtjo6BnUMA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=32, ak_p; desc="1692564022972_34603373_22565659_3378_13097_7_0_146";dur=1
content-length: 10646
last-modified: Tue, 08 Aug 2023 15:48:24 GMT
etag: "0x8DB938ED11BA2EF"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20230808T154823Z-gnqr3wxzyt1che6dkeuy6ud3ac0000000890000000002k0q
x-ms-request-id: 6fe6d589-101e-0055-740f-cad814000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Copy.svg
www.carmax.com/car/assets/images/ 403 B
786 B 158ms
156ms Image
image/svg+xml 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/Copy.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51a48876d9e8e9a7b09864227e876c10c44ac9773e06a8e2e1bc3871402dc45f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: X7xm/0SfvfznCd+wqc3oNw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=36, ak_p; desc="1692564023031_34603373_22565718_6968_13883_6_0_219";dur=1
content-length: 248
last-modified: Tue, 08 Aug 2023 15:48:22 GMT
etag: "0x8DB938ED101B60E"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20230808T154822Z-gnqr3wxzyt1che6dkeuy6ud3ac0000000890000000002hza
x-ms-request-id: 6fe6d31c-101e-0055-440f-cad814000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 FavIcon.svg
www.carmax.com/car/assets/images/nav-icons/ 1 KB
1021 B 78ms
76ms Image
image/svg+xml 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/nav-icons/FavIcon.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a7441682f1172733347258a8700bfada72ea4bd0c1d94b71a1a2586aa569e85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: TxfbkomX89kHcOzS9rURvA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1692564023015_34603373_22565719_2701_15457_7_0_219";dur=1
content-length: 482
last-modified: Tue, 08 Aug 2023 15:48:23 GMT
etag: "0x8DB938ED121957B"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20230808T154823Z-wxyh9v98u51t9ewgh30cqqcwnc00000004hg00000001b0fk
x-ms-request-id: 083df6fc-601e-0060-730f-cab400000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ShareIcon.svg
www.carmax.com/car/assets/images/nav-icons/ 579 B
889 B 76ms
75ms Image
image/svg+xml 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/nav-icons/ShareIcon.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

583999d7707ecc8a05e42220c4a50fba22a4f2238a155c046ede07e0c2252499

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: O1MEbmWTbOQuumSdAupgOA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1692564023005_34603373_22565720_1113_12819_7_0_219";dur=1
content-length: 352
last-modified: Tue, 08 Aug 2023 15:48:12 GMT
etag: "0x8DB938ED0F02C6F"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20230808T154812Z-gnqr3wxzyt1che6dkeuy6ud3ac0000000890000000002hg7
x-ms-request-id: 6fe6bb87-101e-0055-030f-cad814000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 24372992 Show response
img2.carmax.com/api/images/vehicles/ 180 KB
29 KB 463ms
434ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/images/vehicles/24372992

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6952f65729d1ad40a2d8c3e08eeb36c552613b06b53ca135e2c02219f8d340d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, must-revalidate, max-age=300
arr-disable-session-affinity: true
timing-allow-origin: *
content-length: 29428
request-context: appId=cid-v1:7b9e3d73-65fd-4694-adef-4f29f023c077

GET
H2 200 24372992 Show response
www.carmax.com/car/api/hotspots/ 15 KB
5 KB 667ms
666ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/hotspots/24372992

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

13e04e838da8999b63f4d5c50c25a1c292ca59a8ea4d4132c5bedb24bebb6ff4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=337, origin; dur=270, ak_p; desc="1692564023012_34603373_22565721_62250_25736_10_0_219";dur=1
timing-allow-origin: *
content-length: 4463
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 24372992 Show response
www.carmax.com/car/api/saved-vehicle/count/ 35 B
903 B 708ms
707ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/saved-vehicle/count/24372992

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f1fd1b848f3baa9902a630990dd350033d304bd02c6d3aadb39ca254edaabea4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=340, origin; dur=272, ak_p; desc="1692564023025_34603373_22565722_63953_15230_10_0_219";dur=1
timing-allow-origin: *
content-length: 155
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 7104 Show response
www.carmax.com/car/api/stores/ 2 KB
2 KB 162ms
162ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/stores/7104

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

00cec3182624389be527e748b4273b56127435a8d82a4f35585e1bd23349ea60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=110, origin; dur=0, ak_p; desc="1692564023005_34603373_22565723_11907_12372_6_0_219";dur=1
timing-allow-origin: *
content-length: 1051
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 12.16b8a3a8.css
www.carmax.com/car/assets/styles/ 83 B
652 B 159ms
159ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/12.16b8a3a8.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30eb525a02db1c2853de8ca3037d84a2095c3be4aed268205bacb07c1e04626e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: SlLVa0ROpwUpJCyih7FmUQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=81, ak_p; desc="1692564023031_34603373_22565724_11366_29393_6_0_255";dur=1
content-length: 80
last-modified: Tue, 15 Aug 2023 18:01:51 GMT
etag: "0x8DB9DB679462380"
vary: Accept-Encoding
x-azure-ref: 0jr3bZAAAAAArGu3sMXrdTre/qdQhk4iETU5aMjIxMDYwNjEyMDQ5ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: text/css
x-frame-options: sameorigin
x-ms-request-id: 8ad4f96e-b01e-002e-66a2-cf9a88000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 12.7947bcfb.chunk.js Show response
www.carmax.com/car/assets/scripts/ 4 KB
2 KB 84ms
83ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/12.7947bcfb.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

76d375f15715c95ebe6b7ef7fd96f0b2dbe54b582d3f81e3f4b2e1f9a5654ab3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: z7w2LcysKr8LnEdwm+Vekw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=29, ak_p; desc="1692564023004_34603373_22565725_3661_12947_7_0_146";dur=1
content-length: 1460
last-modified: Tue, 15 Aug 2023 17:59:17 GMT
etag: "0x8DB9DB6793CFD17"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20230815T175916Z-dkf1a37wm10tp1p4y9bt2gq6b400000004u000000000v8yv
x-ms-request-id: 1c4e0529-201e-004e-3ea2-cfe617000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6.27f378d4.css
www.carmax.com/car/assets/styles/ 6 KB
2 KB 240ms
239ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/6.27f378d4.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba3f7f5f275a53da50b81cd5cdb4eb40cd675d3ce5f99eb4ed14700a27bc0930

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: GCWAEvsSSzHabr7Q3EKmRw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=66, ak_p; desc="1692564023145_34603373_22565845_15094_23293_8_0_255";dur=1
content-length: 1429
last-modified: Tue, 08 Aug 2023 15:51:20 GMT
etag: "0x8DB938ED111B94D"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20230808T155119Z-gc04w0ynex7tb31hucdh7esrq400000004ag000000003aya
x-ms-request-id: d60b2edf-b01e-004c-7110-ca58af000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6.7ebbc1ca.chunk.js Show response
www.carmax.com/car/assets/scripts/ 14 KB
5 KB 130ms
130ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/6.7ebbc1ca.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ab10dddbb65664979fa220ac220948ad7d8020977190d60ad731fa5d257ab68e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: 4cwY4nRtM2gkipzBbdGlAw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1692564023070_34603373_22565846_1659_13596_6_0_146";dur=1
content-length: 4168
last-modified: Tue, 15 Aug 2023 17:55:53 GMT
etag: "0x8DB9DB6794C6423"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20230815T175553Z-qp654r513p1hp8g6r27bd2404g00000004tg00000002b6p0
x-ms-request-id: 3a107f80-701e-007c-42a1-cfe660000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 11.53f590aa.css
www.carmax.com/car/assets/styles/ 905 B
907 B 157ms
156ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/11.53f590aa.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15a166f0c9fa47868117bb56a03433464c1e259dfeaeb90c59c0ba8a5a251684

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: zAoIX/GzeJ2aDUAE69VvDQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="1692564023114_34603373_22565847_8197_13411_6_0_255";dur=1
content-length: 374
last-modified: Tue, 15 Aug 2023 17:42:21 GMT
etag: "0x8DB9DB679420566"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20230815T174220Z-adh8w28n6t6v145wxxm0vnh7u4000000079g00000001xfge
x-ms-request-id: 401a1aeb-001e-0059-0b9f-cf4f1c000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 11.68f43b4a.chunk.js Show response
www.carmax.com/car/assets/scripts/ 3 KB
2 KB 130ms
130ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/11.68f43b4a.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82e8e5548cae6a0169508fce24b6f6c32052e4123d8387ba7eae390f23853046

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: tbvpqJ7+OE40YxWTjATrTA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1692564023075_34603373_22565848_2091_15136_6_0_146";dur=1
content-length: 996
last-modified: Tue, 15 Aug 2023 17:55:56 GMT
etag: "0x8DB9DB67950D05E"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20230815T175555Z-tymzv2wwgh4u3erdaax2vbvcun00000000k000000000a4b2
x-ms-request-id: 8279549d-201e-003c-49a1-cfe158000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 16.7bfeb9c0.css
www.carmax.com/car/assets/styles/ 538 B
830 B 128ms
127ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/16.7bfeb9c0.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1eba057505fdae57a634f4d27e4b7241bfdf0246f8cc688d99234c5005960110

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: edhCRczumPbwBpgqqV31Nw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="1692564023067_34603373_22565849_2121_14981_6_0_255";dur=1
content-length: 258
last-modified: Tue, 15 Aug 2023 17:45:12 GMT
etag: "0x8DB9DB6790FB20F"
vary: Accept-Encoding
x-azure-ref: 0p7nbZAAAAAAr2o+T1nHnTpLuyFevLQz7Q0gxQUEyMDIwNjA4MDQ3ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: text/css
x-frame-options: sameorigin
x-ms-request-id: bef3de7f-501e-006b-68a0-cf4f6b000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 16.14923218.chunk.js Show response
www.carmax.com/car/assets/scripts/ 1 KB
1 KB 133ms
133ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/16.14923218.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e35714490f47936b66e98bffb14face34382aae54e5afde6cf628a5f21d8d3c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: BJYyAs3+lzkphVRk7rGXCg==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="1692564023072_34603373_22565850_4369_17791_6_0_146";dur=1
content-length: 515
last-modified: Tue, 15 Aug 2023 17:42:10 GMT
etag: "0x8DB9DB6790D4167"
vary: Accept-Encoding
x-azure-ref: 08rjbZAAAAAClCdVcIKi7R4wF2su91E3OREZXMzBFREdFMTYyMQA5NjQ1ZGViZC0zMTY1LTQzODktYTUwZi0wNmI3YWZmYjcxOTg=
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: d1bbea48-501e-007b-2c9f-cf8a03000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 17.7bfeb9c0.css
www.carmax.com/car/assets/styles/ 538 B
831 B 132ms
131ms Stylesheet
text/css 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/17.7bfeb9c0.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

25963f5c9b1702a5ea9acc18daf394e80acab8a1cf88d48ac49ceb0ad29d75f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: jPpueOdhzVRE8JxB1ySOTg==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="1692564023075_34603373_22565851_2515_16273_6_0_255";dur=1
content-length: 258
last-modified: Tue, 15 Aug 2023 17:45:18 GMT
etag: "0x8DB9DB6793890F7"
vary: Accept-Encoding
x-azure-ref: 0rrnbZAAAAADPB3GypXBxT5QD8daMqlSpQ0gxQUEyMDIwNjA5MDM5ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: text/css
x-frame-options: sameorigin
x-ms-request-id: 64ae798c-b01e-0063-10a0-cf5564000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 17.4af8aae2.chunk.js Show response
www.carmax.com/car/assets/scripts/ 1 KB
1 KB 152ms
152ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/17.4af8aae2.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.65c43632.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9512e4cfe0dcf8bbb3b614ea276ff9153c7642c4f641459620a0326d3d925ecd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: Ar+PK0zpt8LEUDVJ4ywTWg==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=47, ak_p; desc="1692564023067_34603373_22565852_5814_13100_6_0_146";dur=1
content-length: 520
last-modified: Tue, 15 Aug 2023 18:22:29 GMT
etag: "0x8DB9DB679344BC4"
vary: Accept-Encoding
x-azure-ref: 0ZcLbZAAAAAD24gWOl2miS5i+AGXp4CFJTU5aMjIxMDYwNjExMDUxADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: c1109b06-401e-0083-47a5-cfd6fd000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

POST
H2 201 qfEwJNm4 Show response
www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/ 18 B
935 B 362ms
361ms XHR
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/qfEwJNm4

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
x_req_id: 9f21837b-3394-4e46-a0a2-310f025a3687
server-timing: edge; dur=7, origin; dur=291, cdn-cache; desc=MISS, ak_p; desc="1692564023201_34603373_22566035_32262_7725_12_0_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
66 KB 44ms
8ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/car/24372992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886

Request headers

Referer: https://www.carmax.com/
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:33:00 GMT
content-encoding: br
age: 443
x-guploader-uploadid: ADPycdtLf0yuF9f53dfE1hJiTg8uNqdapGihnCl-v5wGahvrCTKiW6jhmXZRl0uXsogEQeIKI9wv7twAgk2bNCNGLP48vw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67382
last-modified: Thu, 17 Aug 2023 14:49:44 GMT
server: UploadServer
etag: "73ae3407fb422f1b2d35137c774b84b1"
vary: Accept-Encoding
x-goog-generation: 1692283784371563
x-goog-hash: crc32c=1E7iYA==, md5=c640B/tCLxstNRN8d0uEsQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67382
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 20 Aug 2023 21:33:00 GMT

HEAD
H2 200 main.js Show response
www.carmax.com/shared/chat/ 0
397 B 141ms
140ms XHR
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/chat/main.js

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: ak_p; desc="1692564023200_34603373_22566036_11657_12882_13_0_255";dur=1
content-length: 3255439
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Wed, 28 Jun 2023 2:00:46 GMT
etag: "0x8DB777B7CB862F9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 pagecontext Show response
www.carmax.com/chat/ 865 B
1 KB 330ms
330ms XHR
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/chat/pagecontext

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0b33034d760d9270129ba589a0730012ce52285b4f7345c5611dc2d60d2a213c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=221, origin; dur=49, ak_p; desc="1692564023357_34603373_22566265_29606_17775_10_0_219";dur=1
timing-allow-origin: *
content-length: 562
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

GET
H2 200 main.css Show response
www.carmax.com/shared/chat/ 11 KB
3 KB 69ms
68ms XHR
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/chat/main.css

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d54b302aaeb65b51c2dee27f2260d2e61ce614db3272b77a77b0a77c7763d915

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564023341_34603373_22566266_1073_16254_6_0_219";dur=1
content-length: 2148
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Mon, 07 Aug 2023 04:55:51 GMT
etag: "0x8DB777B7C0E0CA4"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 ec70f1528385f41d770aa47efbbc1655.gif
www.carmax.com/chat/dist/ 67 KB
68 KB 33ms
32ms Image
image/gif 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1186a53d5335c7c1f812adeca7ee14e6aa3d752a6ff9b81674523e4d5ced0557

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 28 Jun 2023 01:59:06 GMT
etag: "1d9a9641ea29c7c"
x-frame-options: sameorigin
content-type: image/gif
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564023335_34603373_22566267_533_13493_11_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 68988
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

POST
H2 200 pixel_4148e3bf Show response
www.carmax.com/akam/13/ 0
843 B 53ms
52ms XHR
text/html 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/akam/13/pixel_4148e3bf

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: sameorigin
content-type: text/html
server-timing: cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="1692564023358_34603373_22566302_1182_10095_6_0_219";dur=1
timing-allow-origin: *
content-length: 0

GET
H2 204 24372992 Show response
www.carmax.com/car/api/transferstatus/ 0
387 B 615ms
614ms Fetch 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/transferstatus/24372992

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
api-supported-versions: 1.0
x-frame-options: sameorigin
server-timing: cdn-cache; desc=MISS, edge; dur=394, origin; dur=121, ak_p; desc="1692564023437_34603373_22566349_55758_15386_9_0_219";dur=1
timing-allow-origin: *
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 24372992 Show response
www.carmax.com/car/api/highlights/ 6 KB
4 KB 515ms
515ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/highlights/24372992

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

321af4cea119c712ba6f4c17ce2b030749dc0cb98b8dc291094a10212ce1a700

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=176, origin; dur=285, ak_p; desc="1692564023415_34603373_22566356_48436_13359_13_0_219";dur=1
timing-allow-origin: *
content-length: 3213
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 undefined Show response
www.carmax.com/car/api/prioruse/disclosures/24372992/ 2 B
871 B 510ms
510ms Fetch
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/prioruse/disclosures/24372992/undefined

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=188, origin; dur=273, ak_p; desc="1692564023397_34603373_22566357_46709_14489_13_0_219";dur=1
timing-allow-origin: *
content-length: 122
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 web Show response
edge.fullstory.com/s/settings/J90WC/v1/ 16 KB
3 KB 9ms
8ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/J90WC/v1/web
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5142c9f8bf61b5b1d33425816bdaf5e781f9982b3f2c56b4df4f5f122c58b607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:33:47 GMT
content-encoding: gzip
age: 396
x-guploader-uploadid: ADPycduizb6jhKF2aOCfu8GYMAW2zvTic3dwWUC3NNDgmjihflAPeUQ-eMGEpXGQ80CmoGIqcZlhUApmkh0qn0SFTmLOGuS3SD4Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3142
last-modified: Sun, 20 Aug 2023 20:31:20 GMT
server: UploadServer
etag: "e192f6740305ddff888b44afeb2e070b"
x-goog-generation: 1692563480531296
x-goog-hash: crc32c=lF5/IQ==, md5=4ZL2dAMF3f+Ii0Sv6y4HCw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 3142
accept-ranges: bytes
content-type: application/json
expires: Sun, 20 Aug 2023 20:48:47 GMT

GET
H2 200 RCefa34504f82c495d8e54193a956f69fe-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 1 KB
872 B 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RCefa34504f82c495d8e54193a956f69fe-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a7c49ca0ba325031366e743d28ff8b9c7e5f2f9cf5edf9787afaffdb5892467c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 615
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 55ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 20 Aug 2023 20:40:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: 7tmSFLQpBMvo9848g+kMBU2aK2/S15C88sK0JLsnmHg/c/ErpYagnKdLPAZvUV1T12+HrL+U9W29ES2CLakoxw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RCd4d761a91d4049e9bc2ab4b3fe291e03-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 1 KB
850 B 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RCd4d761a91d4049e9bc2ab4b3fe291e03-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d892b9b031c0ec5075007c5637987ab3078d778a1d19627c6148014756ec1459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 593
expires: Sun, 20 Aug 2023 21:40:23 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 16 KB
3 KB 272ms
230ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 22d920b4beebfe3642097e5ac276d0109658f1fad972c03f285eb256ecc30fa2

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 117ms
76ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 20 Aug 2023 20:40:23 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7B4AF4131F94F5F9B9167B81C848373 Ref B: FRA31EDGE0218 Ref C: 2023-08-20T20:40:23Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 RCb71449ad634c447ca4bdf56aa153f6ef-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 1 KB
889 B 10ms
10ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RCb71449ad634c447ca4bdf56aa153f6ef-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 875691cc2240dde463b0e758799d2e0eb0b8d520c8ed6d3702c7b253ab6e2336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 632
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H2 200 10.jpg
img2.carmax.com/img/vehicles/24372992/ 34 KB
34 KB 979ms
978ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/10.jpg?width=400&ratio=4/3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c6dcc9481bfcab795c220bcaeaaf7b2d62394c458ef0581ed2d567763738a320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *
x-served-by: media-service.carmax.com

GET
H2 200 12.jpg
img2.carmax.com/img/vehicles/24372992/ 36 KB
36 KB 936ms
935ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/12.jpg?width=400&ratio=4/3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dc090b8c4eb709ca23d9c069d00300b5d77fba57505f84f215fc3cccefb26ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *
x-served-by: media-service.carmax.com

GET
H2 200 11.jpg
img2.carmax.com/img/vehicles/24372992/ 43 KB
44 KB 1055ms
1053ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/11.jpg?width=400&ratio=4/3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22df4b81e8a437a48f2600d5f74126b0c93647ffff19813ce663defe943f380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *
x-served-by: media-service.carmax.com

GET
H2 200 23.jpg
img2.carmax.com/img/vehicles/24372992/ 113 KB
114 KB 1055ms
1054ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/23.jpg?width=400&ratio=4/3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65e84dabde8c53ba8ae74e6630eb511c7a7f476de8f9f40a08fa2704138dd5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *
x-served-by: media-service.carmax.com

GET
H2 200 21.jpg
img2.carmax.com/img/vehicles/24372992/ 25 KB
25 KB 861ms
860ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/21.jpg?width=400&ratio=4/3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b236a5281db07ac6d4f4670e1b196f1f5e67f40e85dc5ff760dff2308a324e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *
content-length: 25552
x-served-by: media-service.carmax.com

GET
H2 200 15.jpg
img2.carmax.com/img/vehicles/24372992/ 59 KB
59 KB 696ms
695ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/15.jpg?width=400&ratio=4/3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e8028afce06a57f18b8f8807727f318a65d8e0b39bd323c1c9989a0f22d260f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *
x-served-by: media-service.carmax.com

GET
H2

200

1.jpg
img2.carmax.com/img/vehicles/24372992/
Redirect Chain

https://img2.carmax.com/img/vehicles/24372992/1/1600.jpg
https://img2.carmax.com/img/vehicles/24372992/1.jpg?width=1600

43 KB
43 KB

1129ms
1129ms

Image
image/webp

2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/img/vehicles/24372992/1.jpg?width=1600

Protocol

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c301877b8b2159c6bc108da116a07628d485b07a27ce1c543999348d5096f044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
source.crop.height: 2534
source.crop.y: 906
source.crop.x: 2146
source.width: 8192
source.crop.width: 3379
x-served-by: media-service.carmax.com
source.height: 5464
pragma: public
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: source.height, source.width, source.crop.height, source.crop.width, source.crop.x, source.crop.y
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000
server: AkamaiGHost
location: https://img2.carmax.com/img/vehicles/24372992/1.jpg?width=1600
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
x-served-by: media-service.carmax.com

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 201 qfEwJNm4 Show response
www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/ 18 B
916 B 646ms
646ms XHR
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/qfEwJNm4

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
x_req_id: 59155fb1-2a51-4c86-8c92-f2fad78be12d
server-timing: edge; dur=12, origin; dur=560, cdn-cache; desc=MISS, ak_p; desc="1692564023608_34603373_22566752_57473_6798_6_0_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18

POST
H2 201 qfEwJNm4 Show response
www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/ 18 B
914 B 319ms
319ms XHR
application/json 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/u-es0pnc8-_x2ZvNyg/Gu7irhhQ9D1u5G/QRIkbg/fEA/qfEwJNm4

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24372992
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
x_req_id: c5eaabc2-d9ea-4ac6-8000-d833e76992ef
server-timing: edge; dur=6, origin; dur=253, cdn-cache; desc=MISS, ak_p; desc="1692564023612_34603373_22566753_26448_7620_13_0_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 RC1bf1cd9f3a3e44eda4b8a2bd521b99b7-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 3 KB
1 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RC1bf1cd9f3a3e44eda4b8a2bd521b99b7-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1ba3e053511dd7c309223f02a7f63eae773a3000ac80028995b74fe5f1ad7160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1202
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H2 200 hero.jpg
img2.carmax.com/assets/24372992/image/ 31 KB
31 KB 445ms
444ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/hero.jpg?width=800&height=450

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fe00417daf974a88fda7c29bd8a4f3928a312ed666bf6046d40d55dcd75703d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Aug 2023 09:19:07 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 31664
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2 200 24372992 Show response
img2.carmax.com/api/subject/ 13 KB
14 KB 319ms
319ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7e8c4a6ab473b93a705a85a01cc6b7895613317a357b9268414c0bf9e5482d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000
server: Kestrel
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 13271
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 176869726424290 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 140ms
140ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/176869726424290?v=2.9.124&r=stable&domain=www.carmax.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0690e61324e3f63b2da37e172d62a59ec881aa90536bc17ea3bc8d63f38d5fb5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 20 Aug 2023 20:40:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JQ5yYeMGlXCqepUNXQG2i8iQjVvlbv3UEwm9FRx9cDlmaLkC02J5oPzWEbb6+aBdpRJ9e858R9AECdmOspN2+Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 36004432.js Show response
bat.bing.com/p/action/ 0
118 B 30ms
29ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/36004432.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 20 Aug 2023 20:40:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E27C7188E9549E08CEBAEAF7E87CB47 Ref B: FRA31EDGE0218 Ref C: 2023-08-20T20:40:23Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=36004432&Ver=2&mid=e95d2ea4-4bd9-40a9-a83a-125bf0a73fec&sid=c96171a03f9911eea1eff3bc2c176813&vid=c961ac303f9911eea7450d243dfe902c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Used%202021%20Toyota%20Tacoma%20in%20Norcross,%20GA%20%7C%20CarMax&p=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&r=&lt=1535&evt=pageLoad&sv=1&rn=375005

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 20 Aug 2023 20:40:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DA69C2B19324798A1DF605EB6A989B3 Ref B: FRA31EDGE0218 Ref C: 2023-08-20T20:40:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK access.js Show response
cdn.levelaccess.net/accessjs/YW1wMTI0OTY/ 462 KB
62 KB 63ms
9ms Script
application/javascript 2600:9000:21f3:6a00:1:fb61:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.levelaccess.net/accessjs/YW1wMTI0OTY/access.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6a00:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee0b2853c994d5be10792538856cf07d6f57b7edf1eac055296c3ce64652227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: FIuzYeYZrC_n8rZWkaij9oCSewRVu8N6
Content-Encoding: gzip
Via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
Date: Sun, 20 Aug 2023 20:34:16 GMT
X-Amz-Cf-Pop: FRA2-C2
Age: 378
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 62541
Last-Modified: Sat, 03 Jun 2023 02:16:50 GMT
Server: AmazonS3
ETag: "980779ff45a9e0f3f93a64047f677ffe"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: nGHLaUaAz8ZrqHdrjigu3e3MywHoQCvVX3KUm5qJHFzfsG7qbDUbaA==

GET
H2 204 tr.gif
ping.pdst.fm/ 0
47 B 163ms
116ms Image
text/plain 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
via: 1.1 google

GET
H2 200 RC66a4865870924c83a5ab2c34ac81f1bb-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 544 B
600 B 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RC66a4865870924c83a5ab2c34ac81f1bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d19725decfcfc5b1f9b8e4a54bd60fe18a912884e61049a227d1bef3a8d59f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 343
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
12 KB 29ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 20 Aug 2023 20:40:23 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B81C0B74A924AF39BDE98983954E8DE Ref B: FRA31EDGE0218 Ref C: 2023-08-20T20:40:23Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 204 4028650.js Show response
bat.bing.com/p/action/ 0
118 B 82ms
82ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4028650.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 20 Aug 2023 20:40:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E35D98253F214F568BC0A77C4CB51EAF Ref B: FRA31EDGE0218 Ref C: 2023-08-20T20:40:23Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4028650&Ver=2&mid=433061eb-f2cc-4e62-a8d7-52176a80d838&sid=c96171a03f9911eea1eff3bc2c176813&vid=c961ac303f9911eea7450d243dfe902c&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Used%202021%20Toyota%20Tacoma%20in%20Norcross,%20GA%20%7C%20CarMax&p=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&r=&lt=1535&evt=pageLoad&sv=1&rn=968710

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 20 Aug 2023 20:40:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A7A0B963F394AD6B537C4F47DE2D075 Ref B: FRA31EDGE0218 Ref C: 2023-08-20T20:40:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FavIcon.svg
www.carmax.com/car/assets/images/nav-icons/ 1 KB
1021 B 27ms
26ms Image
image/svg+xml 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/nav-icons/FavIcon.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a7441682f1172733347258a8700bfada72ea4bd0c1d94b71a1a2586aa569e85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
content-md5: TxfbkomX89kHcOzS9rURvA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564023705_34603373_22566933_450_15600_7_0_146";dur=1
content-length: 482
last-modified: Tue, 08 Aug 2023 15:48:23 GMT
etag: "0x8DB938ED121957B"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20230808T154823Z-wxyh9v98u51t9ewgh30cqqcwnc00000004hg00000001b0fk
x-ms-request-id: 083df6fc-601e-0060-730f-cab400000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.js Show response
www.carmax.com/shared/interact-one/ 2 KB
1 KB 34ms
34ms Script
application/javascript 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/interact-one/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7530f4e7e0039df96f5ebc239d5104749fb945563aadca7536ce3c3353efde25

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564023738_34603373_22567046_37_21166_7_0_146";dur=1
content-length: 749
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Mon, 14 Aug 2023 18:12:52 GMT
etag: "0x8DB9CF1F3F2DF2B"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
timing-allow-origin: *

GET
H2 200 RC545ab73db53e4143ae6557a896343666-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 3 KB
1 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RC545ab73db53e4143ae6557a896343666-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d7668cfe517e69b0e642e3c7666c40411b2b84ef37bdbc77c120e2203c8bbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1175
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 3 KB
3 KB 120ms
120ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=J90WC
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: cbeafe46ad324e22710597697da96d24ce003a116d98592bb7ebd8f4b1170f1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H2 200 RC99a07e4edf9f4c6bb4e30fbb2048e697-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 634 B
644 B 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RC99a07e4edf9f4c6bb4e30fbb2048e697-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1c0537af913abce50334f4636712ae95e6504920bb66bba1b6168acb4e213626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 387
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 44ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=PageView&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&rl=&if=false&ts=1692564023809&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692564023808.875326430&it=1692564023613&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 20 Aug 2023 20:40:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=ViewContent&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&rl=&if=false&ts=1692564023811&cd[content_category]=Carpage%3AComing%20Soon&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692564023808.875326430&it=1692564023613&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 20 Aug 2023 20:40:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 45ms
14ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=35257

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c1cf147944de8261f28cf87a129939e232456105d4b099878fafcf5d43e797c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 RCbd4c3b1389454f4399ac8d536cb16bba-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 830 B
726 B 8ms
7ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RCbd4c3b1389454f4399ac8d536cb16bba-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6fa7e11feb17c2d9c166170f07fca261c09c008db37618dbba8e7f4da83198e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 469
expires: Sun, 20 Aug 2023 21:40:23 GMT

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 42 KB
12 KB 27ms
9ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=J90WC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:04:06 GMT
content-encoding: gzip
age: 2177
x-guploader-uploadid: ADPycdt5nmZEszfxi_hGrKeyCNRJ3NgdfMlMcWGDNMU4ptfhmRd-9JmQIuf0ijWHL8n9ByWyUQB18mGp--yy5CNVSBau
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11918
last-modified: Thu, 03 Aug 2023 16:30:48 GMT
server: UploadServer
etag: "038e81eb121703e8bf798099bb4fb954"
x-goog-generation: 1691080248135238
x-goog-hash: crc32c=EPsiLQ==, md5=A46B6xIXA+i/eYCZu0+5VA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11918
accept-ranges: bytes
expires: Sun, 20 Aug 2023 21:04:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 54ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8789640

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

432d6dfb3b3f13bb6c3975de0e8c252c14d1fd7229f812e37ccdf6ee90b692a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64437
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:23 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1C30 15 KB
6 KB 50ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=35257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.carmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:40:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 306443
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 1 KB
1 KB Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e4b03750c76694f5cca31e808a9239cb8b06bbef3b4b6cafe484bfef1a00da3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
4 KB Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00c7595356b8f9ab4b00b98706a5a6e43d7c33c424701b138f9ffb103865a46c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 799 B
799 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0576f94f1d666e893c67c1457ba42f9c38015a10e638dbfdb991c8aa45684407

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0.jpg Show response
img2.carmax.com/api/subject/24372992/360-images/ 4 KB
1 KB 715ms
715ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-images/0.jpg

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

9a3185cc41f5945f68dc88153d000a736bda370f5cbdc0ae219b7ebd16e4fc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 798
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360BackSeat.jpg Show response
img2.carmax.com/api/subject/24372992/360-images/ 1 KB
1 KB 378ms
378ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-images/S-I-360BackSeat.jpg

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7967983cd44ce2e89984859c0d7dbde4ca9b574f2442b5f4c0493931b89d6f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 435
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360Driver.jpg Show response
img2.carmax.com/api/subject/24372992/360-images/ 5 KB
1 KB 304ms
304ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-images/S-I-360Driver.jpg

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

eaeb0084f6d79f4f879068b7cda620cf842d7701df744d782721da472d99a549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 884
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 spin Show response
img2.carmax.com/api/subject/24372992/360-exterior/ 412 KB
413 KB 793ms
793ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-exterior/spin

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

399f43967e1225d11e121088572ae7278c7196ee1141e72a5734bc39879341f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
server: Kestrel
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 0.jpg Show response
img2.carmax.com/api/subject/24372992/360-images/ 4 KB
1 KB 846ms
845ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-images/0.jpg

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

9a3185cc41f5945f68dc88153d000a736bda370f5cbdc0ae219b7ebd16e4fc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 798
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360BackSeat.jpg Show response
img2.carmax.com/api/subject/24372992/360-images/ 1 KB
1 KB 738ms
738ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-images/S-I-360BackSeat.jpg

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7967983cd44ce2e89984859c0d7dbde4ca9b574f2442b5f4c0493931b89d6f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 435
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360Driver.jpg Show response
img2.carmax.com/api/subject/24372992/360-images/ 5 KB
1 KB 367ms
366ms Fetch
application/json 2a02:26f0:7100:8b5::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24372992/360-images/S-I-360Driver.jpg

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8b5::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

eaeb0084f6d79f4f879068b7cda620cf842d7701df744d782721da472d99a549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 884
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 10.jpg
img2.carmax.com/assets/24372992/image/ 403 KB
403 KB 547ms
544ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/10.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c2ef2fcae9df1e0a5b935401327380b91c534ebc71cc44637c27a397ff2b3f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Aug 2023 01:28:37 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 412670
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2 200 12.jpg
img2.carmax.com/assets/24372992/image/ 345 KB
345 KB 598ms
595ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/12.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

554722fc9b24c96c2748f48755fb5013c2c0b4a28e52c5150e680320692b33d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:28 GMT
x-serial: 622
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 352990
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2 200 11.jpg
img2.carmax.com/assets/24372992/image/ 420 KB
421 KB 520ms
518ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/11.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

aca516b886f6aa57a0e0db712229facd39f073d53233393bcf8c4d71ef6b4d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:31 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 430492
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2 200 23.jpg
img2.carmax.com/assets/24372992/image/ 772 KB
773 KB 595ms
593ms Image
image/jpeg 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/23.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

eebde89fdef9d47e50031a0b332b54801cae11dbb050654c103a11331d9dddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:29 GMT
x-serial: 1348
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 790494
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2 200 15.jpg
img2.carmax.com/assets/24372992/image/ 627 KB
627 KB 476ms
474ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/15.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e5935a95aed11457282ccb9965f55714bc9a6534120af85999792e445437db17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17 Aug 2023 17:53:00 GMT
x-serial: 670
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 641936
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2 200 16.jpg
img2.carmax.com/assets/24372992/image/ 302 KB
302 KB 520ms
519ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/16.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2412b3b3396a388f0c6e5d5704332a6a81792518fbe08f91680027afa0288a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:28 GMT
x-serial: 1007
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 309034
expires: Mon, 21 Aug 2023 20:40:24 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1C30
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=carmax.com&sn=ChromeSyncframe&so=0&topUrl=www.carmax.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=FYvqYnx3dXUwWW53S2tVQkJxdWpPM0NoRUEvRXJuWktQZmJiM2EwOHpZRWIrUTdtTXdqYXloV21tQ3YvUGErUGU2RWtzcHNaVUUxOTdlZ09SV213RUJmQ1BEVzI5cjM2MnhsN2wwL1F3SnQ1VytTa3ZUa3kwQXdoKytqR2...

430 B
654 B

115ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FYvqYnx3dXUwWW53S2tVQkJxdWpPM0NoRUEvRXJuWktQZmJiM2EwOHpZRWIrUTdtTXdqYXloV21tQ3YvUGErUGU2RWtzcHNaVUUxOTdlZ09SV213RUJmQ1BEVzI5cjM2MnhsN2wwL1F3SnQ1VytTa3ZUa3kwQXdoKytqR2FNdERLaVJycjdCRk9lWGlVMXhUdnMwQ05MZlJSdjVKR1F1N3BLQ09jcFFyOE5nQzYyS1BtSVZSdkVRMVFyNFE5L0xNNlg1YmJFb3RNVGpwRGVHRk9IK3RTUEJYajZSVHBEVTgyZ0xDUTdCbXJLSnArdlloL0UzK2FuczVQdGFkVTNGY09XR1h2Y3BNLzRzTHdadHlPZUdSTkd6Z0JGUT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d2e3f503299fda463f2244d33bff202c918c16c112954cd9283aacf4ae803e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1175063
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=FYvqYnx3dXUwWW53S2tVQkJxdWpPM0NoRUEvRXJuWktQZmJiM2EwOHpZRWIrUTdtTXdqYXloV21tQ3YvUGErUGU2RWtzcHNaVUUxOTdlZ09SV213RUJmQ1BEVzI5cjM2MnhsN2wwL1F3SnQ1VytTa3ZUa3kwQXdoKytqR2FNdERLaVJycjdCRk9lWGlVMXhUdnMwQ05MZlJSdjVKR1F1N3BLQ09jcFFyOE5nQzYyS1BtSVZSdkVRMVFyNFE5L0xNNlg1YmJFb3RNVGpwRGVHRk9IK3RTUEJYajZSVHBEVTgyZ0xDUTdCbXJLSnArdlloL0UzK2FuczVQdGFkVTNGY09XR1h2Y3BNLzRzTHdadHlPZUdSTkd6Z0JGUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 244929
content-length: 0
expires: 0

GET
H2 200 TC-3665-1.gif
pt.ispot.tv/v2/ 43 B
315 B 60ms
9ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3665-1.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 204 tr.gif
ping.pdst.fm/ 0
36 B 118ms
117ms Image
text/plain 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
via: 1.1 google

GET
H/1.1 200 /
d.agkn.com/pixel/9043/ 43 B
568 B 81ms
9ms Image
image/gif 52.28.12.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9043/?abid=11203331148671682203668995204512356818
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.12.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-12-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 20:40:24 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=11203331148671682203668995204512356818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 20 Aug 2023 20:40:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

HEAD
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 0
401 B 95ms
72ms XHR
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50742
x-xss-protection: 0
server: cafe
etag: 8449823062925545497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 RCd49cb070e2434d56bc17bc5e7a0c9334-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/ 2 KB
1 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/4dcdf6f9a71e/RCd49cb070e2434d56bc17bc5e7a0c9334-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 71d62d13af6102898418fb4c22bbebd25a81c32af33fa0cbd44f6cf66cb1a50e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 16:30:47 GMT
server: AkamaiNetStorage
etag: "0cd58e5976bd8d7fbb4884f5e9e1bd9b:1692376247.912563"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 840
expires: Sun, 20 Aug 2023 21:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
91 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9344594f07daaa46fddbacefd07c364b90f488c0a4131ddf0c2990c9ef13ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0769f568ad10490e02fe861a62b1a36916d27fd3af9fd92d2d02fb77be1ea081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74200
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-768545124&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c28317c6b080fdda8176b1045e5c655d6a0035ac9f5d36f62c81d2a49464441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72044
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
68 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e15085f0ebbe0d0bc7e7c54181fbfc766a97921c87a04eab9fd869a618a31c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69021
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708462047&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

729de41eb12f56d64e8cd9446487bb9dbee58c7a699dfd491c053b52843bd7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72225
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 142 KB
54 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-586870437&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

563c8d617c74541ea18f4337c7481d1a55a9862061bebf8d8bf70db678714bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55585
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8932fcdd5b80b0be45efb417da90d2b84cd020158446c17bb8d469502367b729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74147
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:40:24 GMT

GET
H2 200 / Show response
zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 90ms
24ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24372992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d224fddb064ca00bdb03e0ee70bfb96f17213427508f3a4b54265b78715b635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 183908
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-mtdQlD5tV/zJt5HupXgwvF519tU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d737f98ac5b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/768545124/ 3 KB
2 KB 64ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768545124/?random=1692564024238&cv=11&fst=1692564024238&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-768545124&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c79295fde31afa890e3e9f6b01db6da1a8ba9c5477e2d1a28b56fc002d475cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/586870437/ 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/586870437/?random=1692564024264&cv=11&fst=1692564024264&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-586870437&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f575fc7bdab442f505c7681f37791e44ffc4152484c29fc4398d4b322b62cb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NTWN6LKPPS&gtm=45je38g0&_p=36905351&_gaz=1&cid=1181624589.1692564023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692564024&sct=1&seg=0&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&dt=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NTWN6LKPPS&cid=1181624589.1692564023&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NTWN6LKPPS&cid=1181624589.1692564023&gtm=45je38g0&aip=1&z=120489916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/ 3 KB
2 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1692564024366&cv=11&fst=1692564024366&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6d71d1eff114b1fac0c7367e946f7c0bfb8f8a722bd4dfb6bd6ad4a86056039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1060501044/ 3 KB
2 KB 67ms
22ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1060501044/?random=1692564024379&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

09fead62c1be1ae25ba99febfe765989714e83d22c4530cbc869dfb8d701062d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1602
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/ 3 KB
2 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1692564024384&cv=11&fst=1692564024384&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dpage_view%3Bdynx_pagetype%3DCarpage%3AComing%20Soon%3Bdynx_itemid%3D24372992&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

728e7f39011cb6cf75f9747a0e73cc4330b128460783a529ae145c1317b9c591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/ 3 KB
1 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/?random=1692564024397&cv=11&fst=1692564024397&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aa076a918e9207178712b850704b0ee5f1240b1cbb0e8616eedd94fe7bd348e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/ 3 KB
1 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/?random=1692564024408&cv=11&fst=1692564024408&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4e3ce99eeb7e0287b1a4fc169251b820a57fe0ed2ea868dcff6713fdd606828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s89038799106519
carmax.sc.omtrdc.net/b/ss/carmaxadaptive/1/JS-2.24.0-LDQM/ 43 B
224 B 22ms
22ms Image
image/gif 63.140.62.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carmax.sc.omtrdc.net/b/ss/carmaxadaptive/1/JS-2.24.0-LDQM/s89038799106519?AQB=1&ndh=1&pf=1&t=20%2F7%2F2023%2022%3A40%3A24%200%20-120&sdid=3354FF8D14156887-11A70835CD8447EC&mid=11203331148671682203668995204512356818&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=Carpage%3AComing%20Soon&g=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&cc=USD&ch=Carpage&server=carmax.com&xact=7719cabc73c506cb65d3b7dca902da03&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Carpage&v1=Carpage%3AComing%20Soon&v2=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&v6=ff474ae5-d526-4d1f-b9d0-6784c005fc56&c8=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&v8=undefined&v9=Carpage&v19=fb.1.1692564023808.875326430%20%7C%20null&c36=1&v42=NaN&v46=null&v47=Nurnberg&v51=undefined%3Anull&c61=1600x1200&c62=AppMeasurement%7Cv2.8.0%7C20170816%20%7C%20null&c63=8%2F20%2F2023%2C%2010%3A40%3A24%20PM&c64=0-24%25&c65=4%3A40%20PM&c66=10%3A30%20PM&c67=Sunday&c68=Weekend&v73=7719cabc73c506cb65d3b7dca902da03&v83=11203331148671682203668995204512356818&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0C1038B35278345B0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 20:40:24 GMT
server: jag
etag: 3634753566192304128-4619687059864484909
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 19 Aug 2023 20:40:24 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=Microdata&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&rl=&if=false&ts=1692564024435&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax%22%2C%22meta%3Adescription%22%3A%22View%20this%20Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22View%20this%20Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg2.carmax.com%2Fassets%2F24372992%2Fhero.jpg%3Fwidth%3D400%26height%3D300%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=2&o=30&fbp=fb.1.1692564023808.875326430&it=1692564023613&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 20 Aug 2023 20:40:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708462047/ 3 KB
1 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708462047/?random=1692564024462&cv=11&fst=1692564024462&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708462047&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02880b96ea2c6581b998f54f1f683e29faf9c287d707613331ffb4f1acbf2388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/ 3 KB
1 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=1692564024486&cv=11&fst=1692564024486&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

703c91d0f27e541c59dd9907f92ec67b2a2b7c746391d07a484360fc08ebee1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10777432239/ 3 KB
2 KB 22ms
21ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10777432239/?random=1692564024500&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6429b3cfa7c6eeaeb4658f4b50990688a54f3400f4d302dd7c16d632fbf9252d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1601
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.f3d25ebe8c96530b2fc2.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 26ms
25ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965a2c31659c544a6a01fbe1bac9958452aa28ccb7ac568867ded1ac95230674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 443903
cf-polished: origSize=71575
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11797-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d738149bd5b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/768545124/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/768545124/?random=1692564024238&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3964976681&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/768545124/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/768545124/?random=1692564024238&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3964976681&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060501044/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060501044/?random=1692564024366&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=452555386&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1060501044/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060501044/?random=1692564024366&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=452555386&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060501044/ 42 B
108 B 33ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060501044/?random=1692564024384&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dpage_view%3Bdynx_pagetype%3DCarpage%3AComing%20Soon%3Bdynx_itemid%3D24372992&fmt=3&is_vtc=1&random=519236114&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1060501044/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060501044/?random=1692564024384&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dpage_view%3Bdynx_pagetype%3DCarpage%3AComing%20Soon%3Bdynx_itemid%3D24372992&fmt=3&is_vtc=1&random=519236114&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1060501044/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F2...
https://www.google.de/pagead/1p-conversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24...

42 B
64 B

22ms
22ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnFaamdhMkN1Q2w5REJoTUFvc0VuVlA5ejROTGtaOURjcHdlcTZKMURoWFBwNnVXbkVPN19ZWSITCJ7RvquM7IADFQ3BuwgdFNEHlw&is_vtc=1&ocp_id=OHriZJ7VGo2C7_UPlKKfuAk&cid=CAQSKQBpAlJWMndDw6cgXEenmvTlZJZobW2DJEguaNV1_Y8nRsZkmEGT_a12&random=241214088&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1060501044/?random=1924786149&cv=11&fst=1692564024379&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnFaamdhMkN1Q2w5REJoTUFvc0VuVlA5ejROTGtaOURjcHdlcTZKMURoWFBwNnVXbkVPN19ZWSITCJ7RvquM7IADFQ3BuwgdFNEHlw&is_vtc=1&ocp_id=OHriZJ7VGo2C7_UPlKKfuAk&cid=CAQSKQBpAlJWMndDw6cgXEenmvTlZJZobW2DJEguaNV1_Y8nRsZkmEGT_a12&random=241214088&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/769504883/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/769504883/?random=1692564024397&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=222439651&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/769504883/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/769504883/?random=1692564024397&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=222439651&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/769504883/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/769504883/?random=1692564024408&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1784108476&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/769504883/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/769504883/?random=1692564024408&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1784108476&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/586870437/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/586870437/?random=1692564024264&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3655247370&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/586870437/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/586870437/?random=1692564024264&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3655247370&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/10777432239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F2...
https://www.google.de/pagead/1p-conversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24...

42 B
64 B

22ms
21ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnNqWnVPSGczMnFRaVZ4ekVLX0ctUHNVQWRDUEZTQmNzTnB3MWNPWUtzQjBZcXI0MlNhNFF5YyITCIeVw6uM7IADFQrBuwgdgKAI9A&is_vtc=1&ocp_id=OHriZIeZH4qC7_UPgMGioA8&cid=CAQSKQBpAlJWeEDBEINBrcqImZhkTUl37z62yMw8aIS1l1g9ppJeemonqVB_&random=1709410876&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10777432239/?random=126059581&cv=11&fst=1692564024500&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&auid=620881330.1692564024&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBPR3B3WVE2S0dfaXR6WW42SExBUklsQUhMTDNYS0MyVlNFS1BGYW9RX0VSSXJDcE4wYi1GeDIyRTllMm1NMWdlMDZIdzJ4bVEaV0NoQUk4UE9HcHdZUTRJek1oNi14cW85ZEVpMEFZRldqWnNqWnVPSGczMnFRaVZ4ekVLX0ctUHNVQWRDUEZTQmNzTnB3MWNPWUtzQjBZcXI0MlNhNFF5YyITCIeVw6uM7IADFQrBuwgdgKAI9A&is_vtc=1&ocp_id=OHriZIeZH4qC7_UPgMGioA8&cid=CAQSKQBpAlJWeEDBEINBrcqImZhkTUl37z62yMw8aIS1l1g9ppJeemonqVB_&random=1709410876&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
02179912.akstat.io/ 0
202 B 57ms
55ms Ping
image/gif 2a02:26f0:480:980::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179912.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-type: image/gif
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 20 Aug 2023 20:40:24 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 13 KB
2 KB 48ms
48ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_824BpwRuzg5MXB3&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19108e96da1be78452af9c3a35337ec652f1a8ba006c0849674736fdee2a4005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: b0455904882f187e
cf-ray: 7f9d738179da5b9e-FRA
timing-allow-origin: *

GET
H3 200 /
www.google.com/pagead/1p-user-list/708462047/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708462047/?random=1692564024462&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2383122158&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708462047/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708462047/?random=1692564024462&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2383122158&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10777432239/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10777432239/?random=1692564024486&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2634014911&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10777432239/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10777432239/?random=1692564024486&cv=11&fst=1692561600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992&frm=0&tiba=Used%202021%20Toyota%20Tacoma%20in%20Norcross%2C%20GA%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2634014911&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:40:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 26ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2511823ee589cef1a1b05009d107035ad3d0656d238cdb9ca3f51e53da4c24e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 443903
cf-polished: origSize=105535
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19c3f-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d7381ca0d5b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.e410c6e4072cd30ceddd.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
985 B 28ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.e410c6e4072cd30ceddd.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2257d5dcff45e05bb9d046829b14c16dc3751a2e620af325231c44506d63f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 443903
cf-polished: origSize=2803
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"af3-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73821a325b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.6bff9e45c450943efd56.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 31ms
31ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.6bff9e45c450943efd56.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a2d8d2c814b20e1c9141321c11837e3884dacbc7e0d35f0442a74449922472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 443903
cf-polished: origSize=29367
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72b7-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73821a335b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 LinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
908 B 30ms
30ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/LinkModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 441632
cf-polished: origSize=2540
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9ec-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73821a345b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 28ms
27ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 428403
cf-polished: origSize=3545
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"dd9-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73821a355b9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 50ms
31ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9oDlYMwRwk31RDD&Version=6&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac06ff3870aa71c6686dee69845dfbff5ba2130053893509cdcb4a3f847e45d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

servershortname
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 294459
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 10:52:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73823b4f1e10-FRA
expires: Sun, 14 Aug 2033 10:52:45 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 201 B
665 B 43ms
25ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_emTkxoXvaQjl7dH&Version=1&Q_InterceptID=SI_9oDlYMwRwk31RDD&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80cf2e36ce257aaed107d2832911b8a225508ab12b8890f1ab23acd748485012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

servershortname
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 299911
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 09:21:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73823b551e10-FRA
expires: Sun, 14 Aug 2033 09:21:53 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 47ms
30ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ah0reLCPOi4vXLv&Version=17&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f2c351adcae377cbaa579e2434df7a0232db66dd4c45169a50bf1809dc0ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

servershortname
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 273298
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 16:45:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73823b571e10-FRA
expires: Sun, 14 Aug 2033 16:45:25 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 329 B
351 B 46ms
29ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_aWu0ZeBRVehNneJ&Version=1&Q_InterceptID=SI_ah0reLCPOi4vXLv&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f4a0708685889841c00251c36d4dd6602d94a15fcb568f65f8c326f38ba6639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

servershortname
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 266672
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 18:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f9d73823b591e10-FRA
expires: Sun, 14 Aug 2033 18:35:52 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
125 B 156ms
155ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_emTkxoXvaQjl7dH&Q_SIID=SI_9oDlYMwRwk31RDD&Q_ASID=AS_10337099&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&r=1692564024716

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 884f611b797af980
cf-ray: 7f9d73828bc81e10-FRA

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
205 B 135ms
135ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_aWu0ZeBRVehNneJ&Q_SIID=SI_ah0reLCPOi4vXLv&Q_ASID=AS_9YzH717RdZH7sPj&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&r=1692564024721

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 40aa48aa068eb9d5
cf-ray: 7f9d73828bd31e10-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 113ms
19ms Image
image/png 23.218.208.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_20qzf8m77sY0mLX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-116.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 167
date: Sun, 20 Aug 2023 20:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Qualtrics+feedback+button
content-length: 1635
x-request-id: d06b324a-3714-4c5e-ab45-d78c19885b77
referrer-policy: strict-origin-when-cross-origin
etag: "f0fa91fd84b7d45f13e79867954223d3"
x-edgeconnect-cache-status: 1
content-type: image/png
access-control-allow-origin: *
x-transaction-id: ad004982-f7dd-4ac5-956d-c28d37a9af81
cache-control: public, max-age=7
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Sun, 20 Aug 2023 20:40:31 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 565ms
438ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=J90WC&UserId=a6b8f7e8-508d-4c10-b1d6-314dc7516dbb&SessionId=cc2694fb-2ec2-48da-a59c-8ae2c8098b8f&PageId=9d122a24-8173-47d5-b434-ec54d312639d&Seq=1&PageStart=1692564023735&PrevBundleTime=0&LastActivity=866&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ef910f57072e0dd55d3b7116b6a661f09a5f06f96df8066b071b72200a8f675

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sun, 20 Aug 2023 20:40:25 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 16.jpg
img2.carmax.com/assets/24372992/image/ 302 KB
302 KB 148ms
148ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/16.jpg?width=1600&height=1200

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2412b3b3396a388f0c6e5d5704332a6a81792518fbe08f91680027afa0288a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:25 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:28 GMT
x-serial: 1007
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 309034
expires: Mon, 21 Aug 2023 20:40:25 GMT

GET
H2 200 11.jpg
img2.carmax.com/assets/24372992/image/ 420 KB
421 KB 168ms
167ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/11.jpg?width=1600&height=1200

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

aca516b886f6aa57a0e0db712229facd39f073d53233393bcf8c4d71ef6b4d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:25 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:31 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 430492
expires: Mon, 21 Aug 2023 20:40:25 GMT

GET
H2 200 10.jpg
img2.carmax.com/assets/24372992/image/ 403 KB
403 KB 118ms
118ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/10.jpg?width=1600&height=1200

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c2ef2fcae9df1e0a5b935401327380b91c534ebc71cc44637c27a397ff2b3f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:25 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Aug 2023 01:28:37 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 412670
expires: Mon, 21 Aug 2023 20:40:25 GMT

GET
H2 200 12.jpg
img2.carmax.com/assets/24372992/image/ 345 KB
345 KB 88ms
88ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/12.jpg?width=1600&height=1200

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

554722fc9b24c96c2748f48755fb5013c2c0b4a28e52c5150e680320692b33d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:25 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:28 GMT
x-serial: 622
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 352990
expires: Mon, 21 Aug 2023 20:40:25 GMT

GET
H2 200 15.jpg
img2.carmax.com/assets/24372992/image/ 627 KB
627 KB 69ms
69ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/15.jpg?width=1600&height=1200

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e5935a95aed11457282ccb9965f55714bc9a6534120af85999792e445437db17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:25 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17 Aug 2023 17:53:00 GMT
x-serial: 670
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 641936
expires: Mon, 21 Aug 2023 20:40:25 GMT

GET
H2 200 23.jpg
img2.carmax.com/assets/24372992/image/ 772 KB
773 KB 74ms
73ms Image
image/jpeg 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/23.jpg?width=1600&height=1200

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.03708e62.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

eebde89fdef9d47e50031a0b332b54801cae11dbb050654c103a11331d9dddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:25 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:29 GMT
x-serial: 1348
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 790494
expires: Mon, 21 Aug 2023 20:40:25 GMT

GET
H2 200 hero.jpg
img2.carmax.com/assets/24372992/image/ 31 KB
31 KB 1953ms
1949ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/hero.jpg?width=800&height=450

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fe00417daf974a88fda7c29bd8a4f3928a312ed666bf6046d40d55dcd75703d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Aug 2023 09:19:07 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 31664
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 10.jpg
img2.carmax.com/assets/24372992/image/ 403 KB
403 KB 2022ms
2017ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/10.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c2ef2fcae9df1e0a5b935401327380b91c534ebc71cc44637c27a397ff2b3f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Aug 2023 01:28:37 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 412670
expires: Mon, 21 Aug 2023 20:40:30 GMT

GET
H2 200 12.jpg
img2.carmax.com/assets/24372992/image/ 345 KB
345 KB 1979ms
1974ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/12.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

554722fc9b24c96c2748f48755fb5013c2c0b4a28e52c5150e680320692b33d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:28 GMT
x-serial: 622
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 352990
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 11.jpg
img2.carmax.com/assets/24372992/image/ 420 KB
421 KB 1978ms
1973ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/11.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

aca516b886f6aa57a0e0db712229facd39f073d53233393bcf8c4d71ef6b4d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:31 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 430492
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 23.jpg
img2.carmax.com/assets/24372992/image/ 772 KB
773 KB 1979ms
1975ms Image
image/jpeg 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/23.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

eebde89fdef9d47e50031a0b332b54801cae11dbb050654c103a11331d9dddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:29 GMT
x-serial: 1348
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 790494
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 15.jpg
img2.carmax.com/assets/24372992/image/ 627 KB
627 KB 1991ms
1987ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/15.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e5935a95aed11457282ccb9965f55714bc9a6534120af85999792e445437db17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17 Aug 2023 17:53:00 GMT
x-serial: 670
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 641936
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 16.jpg
img2.carmax.com/assets/24372992/image/ 302 KB
302 KB 1977ms
1974ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/16.jpg?width=1600&height=1200

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2412b3b3396a388f0c6e5d5704332a6a81792518fbe08f91680027afa0288a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 09:52:28 GMT
x-serial: 1007
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 309034
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 hero.jpg
img2.carmax.com/assets/24372992/image/ 12 KB
12 KB 1976ms
1972ms Image
image/webp 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24372992/image/hero.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6bfb1d1e2652f3084b1c44c380d4d5580aa271d6d0297caa7854dc2a795ef142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Aug 2023 13:30:57 GMT
x-serial: 1158
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 12328
expires: Mon, 21 Aug 2023 20:40:29 GMT

GET
H2 200 CosmeticDetailsOverlay.svg
www.carmax.com/car/assets/images/ 33 KB
11 KB 2050ms
2047ms Image
image/svg+xml 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/CosmeticDetailsOverlay.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

422d2b29ab3ecd0d9f7efc46b3e49e3b0fee9694914394558156d9322db55a4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 20:40:30 GMT
content-md5: /tAmp/Ce+qiUVtjo6BnUMA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564030020_34603373_22578875_5547_33842_7_0_146";dur=1
content-length: 10646
last-modified: Tue, 08 Aug 2023 15:48:24 GMT
etag: "0x8DB938ED11BA2EF"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20230808T154823Z-gnqr3wxzyt1che6dkeuy6ud3ac0000000890000000002k0q
x-ms-request-id: 6fe6d589-101e-0055-740f-cad814000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 tr.gif
ping.pdst.fm/ 0
36 B 2044ms
2040ms Image
text/plain 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:29 GMT
via: 1.1 google

GET
H/1.1 200 /
d.agkn.com/pixel/9043/ 43 B
568 B 1935ms
1933ms Image
image/gif 52.28.12.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9043/?abid=11203331148671682203668995204512356818
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.12.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-12-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 20:40:29 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 tr
www.facebook.com/ 0
15 B 1936ms
1934ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=11203331148671682203668995204512356818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 20 Aug 2023 20:40:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 ec70f1528385f41d770aa47efbbc1655.gif
www.carmax.com/chat/dist/ 67 KB
68 KB 2013ms
2010ms Image
image/gif 2a02:26f0:7100:8ad::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:8ad::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1186a53d5335c7c1f812adeca7ee14e6aa3d752a6ff9b81674523e4d5ced0557

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24372992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:40:30 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 28 Jun 2023 01:59:06 GMT
etag: "1d9a9641ea29c7c"
x-frame-options: sameorigin
content-type: image/gif
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692564029997_34603373_22578876_3386_19465_8_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 68988
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

GET
H2 204 0
bat.bing.com/action/ 0
379 B 1986ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 20 Aug 2023 20:40:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07EAB038C2314CC487810100F9F472C7 Ref B: FRA31EDGE0714 Ref C: 2023-08-20T20:40:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 1993ms
39ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 20 Aug 2023 20:40:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DC0F95C64D841408843C93FE34AD7BD Ref B: FRA31EDGE0714 Ref C: 2023-08-20T20:40:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TC-3665-1.gif
pt.ispot.tv/v2/ 43 B
261 B 1934ms
1931ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3665-1.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Aug 2023 20:40:29 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 1943ms
1941ms Image
image/png 23.218.208.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_20qzf8m77sY0mLX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-116.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 167
date: Sun, 20 Aug 2023 20:40:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Qualtrics+feedback+button
content-length: 1635
x-request-id: d06b324a-3714-4c5e-ab45-d78c19885b77
referrer-policy: strict-origin-when-cross-origin
etag: "f0fa91fd84b7d45f13e79867954223d3"
x-edgeconnect-cache-status: 1
content-type: image/png
access-control-allow-origin: *
x-transaction-id: ad004982-f7dd-4ac5-956d-c28d37a9af81
cache-control: public, max-age=2
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Sun, 20 Aug 2023 20:40:31 GMT

POST
H2 200 results Show response
api.levelaccess.net/analytics/3.0/ 0
321 B 1661ms
184ms XHR
text/plain 2600:1f18:4457:4600:9645:6f60:3267:cdfb

General

Check archive.org

Show headers Download Go to

Full URL

https://api.levelaccess.net/analytics/3.0/results

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4457:4600:9645:6f60:3267:cdfb -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Aug 2023 20:40:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 1944ms
1940ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=J90WC&UserId=a6b8f7e8-508d-4c10-b1d6-314dc7516dbb&SessionId=cc2694fb-2ec2-48da-a59c-8ae2c8098b8f&PageId=9d122a24-8173-47d5-b434-ec54d312639d&Seq=2&PageStart=1692564023735&PrevBundleTime=1692564024898&LastActivity=4855&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d6857e3a404439b135fd525855ef388d94fb482e620ef351f470c40daf67c506

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sun, 20 Aug 2023 20:40:30 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.carmax.com/car	1970-01-20 14:09:25	Name: adobeTransID Value: 7719cabc73c506cb65d3b7dca902da03
.carmax.com/	1970-01-20 22:55:00	Name: Kmx_Aka_Location Value: zip=,lat=49.45,long=11.07,country_code=DE,city=nurnberg,throughput=low,network=,network_type=,region_code=BY,timezone=GMT+1
.carmax.com/	1970-01-20 14:09:38	Name: bm_sz Value: DD9E9201D036A687B347F5C69C74E316~YAAQbQEQAtR2jROKAQAAHWStFBSMiozImYnZBJdiQcr2fyDFxZJIf5QYU3nLLjoghHlheDPjQ0m94vLA+V23vNdvCLqXhZ0AYhLv2Aw/E22witgq2QwJbIePQEXuJQIf3DcAQqlID3/8r4YDKcX4f//Lsm2XBzdT4o0yGpkRIKHFb2AZT+xvaNsAVpeaHOV3dFDvpwTgGOdAppNHaff+9ZHQUQ9cAHP3yoEqZ8SXCut0RoGqQ7D2VKRwL/amVVIWbXvCimROFeY/ndreVC/A0w3hpcpzFxSbtK+R+iiZh5GoT9Q=~3621938~3750213
.carmax.com/	1970-01-20 22:55:00	Name: KMX_ViewedVehicles Value: ViewedVehicles=[{"stockNumber":"24372992","timestamp":1692564022410,"viewCount":1}]
.carmax.com/	1970-01-20 22:55:00	Name: KmxVisitor_0 Value: VisitorID=ff474ae5-d526-4d1f-b9d0-6784c005fc56&CookieDate=8/20/2023, 10:40:22 PM&IsFirstVisit=True
.carmax.com/	1969-12-31 23:59:59	Name: at_check Value: true
.carmax.com/	1970-01-20 14:10:50	Name: _gid Value: GA1.2.131140975.1692564023
.carmax.com/	1970-01-20 14:09:24	Name: _gat_6144a510cabc4cd086ae55f1e2df5ad8 Value: 1
.demdex.net/	1970-01-20 18:28:36	Name: demdex Value: 02172832403053156674496047423589377373
.carmax.com/	1969-12-31 23:59:59	Name: AMCVS_0C1038B35278345B0A490D4C%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 22:55:00	Name: everest_g_v2 Value: g_surferid~ZOJ6NwAAAHCzggNe
.carmax.com/	1970-01-20 23:45:24	Name: mbox Value: session#640082d188974000ac08c550e00b3cf7#1692565883\|PC#640082d188974000ac08c550e00b3cf7.37_0#1755808824
.dpm.demdex.net/	1970-01-20 18:28:36	Name: dpm Value: 02172832403053156674496047423589377373
.carmax.com/	1970-01-20 23:45:24	Name: AMCV_0C1038B35278345B0A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19590%7CMCMID%7C11203331148671682203668995204512356818%7CMCAAMLH-1693168822%7C6%7CMCAAMB-1693168822%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1692571222s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19597%7CvVersion%7C5.2.0
.carmax.com/	1970-01-20 14:09:31	Name: ak_bmsc Value: C512B73F1B298B7C652A7E757D9D706E~000000000000000000000000000000~YAAQbQEQAuB2jROKAQAAUWitFBQvyQ2H1sa/URnYkowu+7++FXt9Clmp18CbCl5800dFeWxMlrtL33tzyUoIYyj2A8CNr00X1IgZRAmlaiTD/TdRIiR9169gMvR0ZW1gl2ESAZ2hi6soeH4EUsvlxslxxFK8Xo0xWz2JXwl9YhdOeiDFBQBG/pARv3cbIlgeVJUzob5qeBHvjI8y59OnojJwO1C+0llHrRZJomeEEMjfRoOCNjXPupRAIWdcHkG85QAtNdfI4IFWe+X57gcpEcRZ65STClyLMhq5r0OPFXgh4LaFGkXPiZMZ0loZZ0kDRWcb+jarM4YjDQQPriCbA2YHJBUpctjy0EA2M8kyB/mKJeABl216k6MvCtIcBJvwhxRj3RRMZuvvGjKZmhBFsDUbWbb78D99UfINLuYs+6dyHap7f8KcvWqCMqUIVX4JvlYbfLV+OuBdjr7WqE+0bDQl+1IK7TgfK96tLwRYxEWHNlB+k7vN53wOEg==
.carmax.com/	1970-01-20 14:19:28	Name: RT Value: "z=1&dm=carmax.com&si=d3006f89-7bc4-4bf2-b34f-9ff7c9586618&ss=lljwx1mu&sl=1&tt=16n&bcn=%2F%2F02179912.akstat.io%2F&ld=16q"
.bing.com/	1970-01-20 23:31:00	Name: MUID Value: 357D540813E763B02010477B126C6200
.carmax.com/	1970-01-20 14:10:50	Name: _uetsid Value: c96171a03f9911eea1eff3bc2c176813
.carmax.com/	1970-01-20 23:31:00	Name: _uetvid Value: c961ac303f9911eea7450d243dfe902c
.carmax.com/	1970-01-20 14:09:25	Name: fs_lua Value: 1.1692564023734
.carmax.com/	1970-01-20 22:55:00	Name: fs_uid Value: #J90WC#a6b8f7e8-508d-4c10-b1d6-314dc7516dbb:cc2694fb-2ec2-48da-a59c-8ae2c8098b8f:1692564023734::1#/1724100023
.carmax.com/	1969-12-31 23:59:59	Name: KmxSession_0 Value: logOdds=0.3403750971969697
.carmax.com/	1970-01-20 16:19:00	Name: _fbp Value: fb.1.1692564023808.875326430
.carmax.com/	1970-01-20 14:09:31	Name: bm_sv Value: FB40F8D1FDA17B2508A68FE3C68D8C5F~YAAQbQEQAu92jROKAQAAU2qtFBRSN2oXOvz6FiSNpjz9sbwWLiSX6e9GdPzr2+xoVG7NiypGjKEOsZ2JP/4L0qmxEM9vBLBJH8H+tWgkzC7oeVoynk+qXhGKT+OdZ63r3pdVazy7DgrQnkltyPGjL4Pr1IRInVm3OWbNzZuqo9F3KIGYaACVTTaZjuyoSGfdKE6uouYVUitvQJSE+lwaYRQA8/7r6ywUCE3PsTwfxmmOqyckb+2wJZgtZC0Na6Qi~1
.criteo.com/	1970-01-20 23:31:00	Name: uid Value: 96010e25-93d6-4e85-b5a6-77072a05ca65
.carmax.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.carmax.com/	1969-12-31 23:59:59	Name: s_ppv Value: Carpage%253AComing%2520Soon%2C17%2C17%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.carmax.com/	1970-01-20 14:09:25	Name: gpv_v4 Value: Carpage%3AComing%20Soon
.carmax.com/	1970-01-20 14:09:25	Name: s_visit Value: 1
.carmax.com/	1970-01-20 22:55:04	Name: s_vnc365 Value: 1724100024024%26vn%3D1
.carmax.com/	1970-01-20 14:09:25	Name: s_ivc Value: true
.ispot.tv/	1970-01-20 23:45:24	Name: pt Value: v2:a3966b9427e1348b66f90423be34b3f8a1cd0f736d55d3e0097a4d7764cd0327\|6d02bf33fca01297d89a8809c89bb58054f3e0df2084100a8bab44f015d464f4
.agkn.com/	1970-01-20 22:55:00	Name: ab Value: 0001%3AfcjZGvsnq%2BYW5mKq%2BnZGQYaiBlGsyS8g
.agkn.com/	1970-01-20 22:55:00	Name: u Value: C\|0CAAsdTa4LHU2uAAAAAAAATEnAAAAAA
.carmax.com/	1970-01-20 16:19:00	Name: _gcl_au Value: 1.1.620881330.1692564024
.carmax.com/	1970-01-20 22:55:00	Name: _abck Value: 77816645EE457BFCA9641B1667915ACE~-1~YAAQbQEQAvJ2jROKAQAAfGutFAqdZR4eRurSg+VLRyLPRPMfC6+VYUOD5sZkkWvy0NcaOMJTjiDx13IuFp/0YYM98V/l+1lOtfFvwTbjvDNuN7VzOAN37o0o0iKCy/CxDj99u0L8D7OlNC4ibcd+JRi4HF/QnrrgGbZJp7/gBXYaNgIyxSZiKSK3hE2b2qfYkPNM/ntsdQNWO6ZJ/5IsGk2QgJk8B93XwFK9meBkiodTJrakDez090qeqlsJV9DRfRliyVm4cml1ruKykpxNIa4AeBVVAx1bR8HvXJDFdl5ueR7MLfbPjwbwW4SY3ymAy1iTKegzA/htLOkmg5iX/TqO88VXbVy7aBMFLLuFjmdPuqk4FLlADA5iYVZLtIRApyO+Kvq+vGio9g==~-1~-1~-1
.carmax.com/	1970-01-20 23:45:24	Name: _ga_NTWN6LKPPS Value: GS1.1.1692564024.1.0.1692564024.60.0.0
.carmax.com/	1970-01-20 23:45:24	Name: _ga Value: GA1.1.1181624589.1692564023
.carmax.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 23:31:00	Name: IDE Value: AHWqTUmHehCn0_bAHUv1PMdAHh0cqC075RZ08X311iBkA1E2Dj0vOAoJKvO_8Dbi
.carmax.com/	1970-01-20 23:38:48	Name: cto_bundle Value: eiBUHl83bDlRTWZRbDlKeFklMkZoczBlWTFmJTJGT0NCSjFlbVRCRjMwM3g4UGJqOHE0ZzBoN2VnbDJIRXdRM3RuNFFaRzBLamFrMGhVNiUyRk1qRVN4ZTNLOUZMTjVtS3JOJTJGTEd1UGdjS1pjY1k1ODhDaFQ0eXpzT2lxakdscWdJRGk5dFRXVGc1JTJGNVdwZkJEZXZpcldPU29kNjd6eG53JTNEJTNE
www.carmax.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwww.carmax.com%2Fcar%2F24372992~1692564024605

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.carmax.com/myaccount/token/svc/cookie/validate/low Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179912.akstat.io
api.levelaccess.net
assets.adobedtm.com
bat.bing.com
c.go-mpulse.net
carmax.sc.omtrdc.net
carmax.tt.omtrdc.net
carmaxbusinessservicesllc.demdex.net
cdn.levelaccess.net
cm.everesttech.net
connect.facebook.net
d.agkn.com
dpm.demdex.net
dynamic.criteo.com
edge.fullstory.com
ethn.io
googleads.g.doubleclick.net
gum.criteo.com
img2.carmax.com
mug.criteo.com
pagead2.googlesyndication.com
ping.pdst.fm
pt.ispot.tv
region1.analytics.google.com
rs.fullstory.com
s.go-mpulse.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
stats.g.doubleclick.net
www.carmax.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
104.17.209.240
142.250.185.162
151.101.130.132
176.34.146.86
178.250.7.13
2001:4860:4802:34::36
23.218.208.116
2600:1f18:4457:4600:9645:6f60:3267:cdfb
2600:9000:21f3:6a00:1:fb61:2b80:93a1
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::2013
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9b
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:1700:38a::11a6
2a02:26f0:480:980::11a6
2a02:26f0:7100:1b7::1e80
2a02:26f0:7100:8ad::1c4e
2a02:26f0:7100:8b5::1c4e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.186.194.58
35.201.112.186
52.24.153.248
52.28.12.14
52.30.115.249
63.140.62.164
63.35.31.5
66.235.152.107
00c7595356b8f9ab4b00b98706a5a6e43d7c33c424701b138f9ffb103865a46c
00cec3182624389be527e748b4273b56127435a8d82a4f35585e1bd23349ea60
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
02880b96ea2c6581b998f54f1f683e29faf9c287d707613331ffb4f1acbf2388
0576f94f1d666e893c67c1457ba42f9c38015a10e638dbfdb991c8aa45684407
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0690e61324e3f63b2da37e172d62a59ec881aa90536bc17ea3bc8d63f38d5fb5
0769f568ad10490e02fe861a62b1a36916d27fd3af9fd92d2d02fb77be1ea081
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
09fead62c1be1ae25ba99febfe765989714e83d22c4530cbc869dfb8d701062d
0b33034d760d9270129ba589a0730012ce52285b4f7345c5611dc2d60d2a213c
0ef910f57072e0dd55d3b7116b6a661f09a5f06f96df8066b071b72200a8f675
0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df
0f4a0708685889841c00251c36d4dd6602d94a15fcb568f65f8c326f38ba6639
1186a53d5335c7c1f812adeca7ee14e6aa3d752a6ff9b81674523e4d5ced0557
13e04e838da8999b63f4d5c50c25a1c292ca59a8ea4d4132c5bedb24bebb6ff4
157e0bd7f3edcb69771df4f2f6a16cdfec633fccc3c5fd281d7e5568bc75b867
15a166f0c9fa47868117bb56a03433464c1e259dfeaeb90c59c0ba8a5a251684
19108e96da1be78452af9c3a35337ec652f1a8ba006c0849674736fdee2a4005
1ba3e053511dd7c309223f02a7f63eae773a3000ac80028995b74fe5f1ad7160
1c0537af913abce50334f4636712ae95e6504920bb66bba1b6168acb4e213626
1e15085f0ebbe0d0bc7e7c54181fbfc766a97921c87a04eab9fd869a618a31c4
1e4b03750c76694f5cca31e808a9239cb8b06bbef3b4b6cafe484bfef1a00da3
1eba057505fdae57a634f4d27e4b7241bfdf0246f8cc688d99234c5005960110
22d920b4beebfe3642097e5ac276d0109658f1fad972c03f285eb256ecc30fa2
22df4b81e8a437a48f2600d5f74126b0c93647ffff19813ce663defe943f380e
23f0ecff2a6fe8d7f3e2131ca104b37506c6043996844b28af67cddc466f63f4
2412b3b3396a388f0c6e5d5704332a6a81792518fbe08f91680027afa0288a1a
2511823ee589cef1a1b05009d107035ad3d0656d238cdb9ca3f51e53da4c24e6
25963f5c9b1702a5ea9acc18daf394e80acab8a1cf88d48ac49ceb0ad29d75f6
2d7668cfe517e69b0e642e3c7666c40411b2b84ef37bdbc77c120e2203c8bbbe
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
30eb525a02db1c2853de8ca3037d84a2095c3be4aed268205bacb07c1e04626e
321af4cea119c712ba6f4c17ce2b030749dc0cb98b8dc291094a10212ce1a700
333db8b1e78f48c5ef193ce6a8974cf3fc71b152b402e62231a993a8aaf174f3
399f43967e1225d11e121088572ae7278c7196ee1141e72a5734bc39879341f8
3adead6368c693cef7ad42f71359d321dfe8db9eaaa542b760fa752d62e3e23a
3c28317c6b080fdda8176b1045e5c655d6a0035ac9f5d36f62c81d2a49464441
3cbea6ff8454ef59cee1bc5705f8bb0a0af11768b82a787076ccdd73c48c2fdd
3ce73d65cbeddb520aa9f693e1379018fc0ae2da95c10b10da0396c9d17b6cae
3da148dabbdd5591d17ff80643b8ed9f65ea53804dc341b13dafcc644f617c60
422d2b29ab3ecd0d9f7efc46b3e49e3b0fee9694914394558156d9322db55a4b
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
432d6dfb3b3f13bb6c3975de0e8c252c14d1fd7229f812e37ccdf6ee90b692a7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aa076a918e9207178712b850704b0ee5f1240b1cbb0e8616eedd94fe7bd348e
4b1c2b1bcf8c1242bb2da9c38492c762dabc688294505c10e62de81a43976abe
4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5142c9f8bf61b5b1d33425816bdaf5e781f9982b3f2c56b4df4f5f122c58b607
51a48876d9e8e9a7b09864227e876c10c44ac9773e06a8e2e1bc3871402dc45f
554722fc9b24c96c2748f48755fb5013c2c0b4a28e52c5150e680320692b33d2
563c8d617c74541ea18f4337c7481d1a55a9862061bebf8d8bf70db678714bde
583999d7707ecc8a05e42220c4a50fba22a4f2238a155c046ede07e0c2252499
5a35d0d1d1ad17032ca2c71ff99ad6d80f017057c335fd63bee4551ee73b86eb
5f24beb1ede103df25e539b10a6f7f305067960cff5b7e58c125b2a76c546a46
5ffa44a3baf687c8215413b249925730c842a13d5e320176f80e51d5c7c1d900
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886
6429b3cfa7c6eeaeb4658f4b50990688a54f3400f4d302dd7c16d632fbf9252d
65e84dabde8c53ba8ae74e6630eb511c7a7f476de8f9f40a08fa2704138dd5dc
6952f65729d1ad40a2d8c3e08eeb36c552613b06b53ca135e2c02219f8d340d8
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6bfb1d1e2652f3084b1c44c380d4d5580aa271d6d0297caa7854dc2a795ef142
6c062deaf76d33dafb778c0f5728e20ac1e0cfd63e1da7a50dcdf2195c941513
6fa7e11feb17c2d9c166170f07fca261c09c008db37618dbba8e7f4da83198e9
703c91d0f27e541c59dd9907f92ec67b2a2b7c746391d07a484360fc08ebee1e
71d62d13af6102898418fb4c22bbebd25a81c32af33fa0cbd44f6cf66cb1a50e
728e7f39011cb6cf75f9747a0e73cc4330b128460783a529ae145c1317b9c591
729de41eb12f56d64e8cd9446487bb9dbee58c7a699dfd491c053b52843bd7fa
7530f4e7e0039df96f5ebc239d5104749fb945563aadca7536ce3c3353efde25
76d375f15715c95ebe6b7ef7fd96f0b2dbe54b582d3f81e3f4b2e1f9a5654ab3
7967983cd44ce2e89984859c0d7dbde4ca9b574f2442b5f4c0493931b89d6f5d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c1cf147944de8261f28cf87a129939e232456105d4b099878fafcf5d43e797c
7e8c4a6ab473b93a705a85a01cc6b7895613317a357b9268414c0bf9e5482d9c
80cf2e36ce257aaed107d2832911b8a225508ab12b8890f1ab23acd748485012
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82c80d5979835694c0e24e4c21236690e2417fbe429bf571207e423fccef8f4a
82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231
82e8e5548cae6a0169508fce24b6f6c32052e4123d8387ba7eae390f23853046
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875691cc2240dde463b0e758799d2e0eb0b8d520c8ed6d3702c7b253ab6e2336
8932fcdd5b80b0be45efb417da90d2b84cd020158446c17bb8d469502367b729
8a7441682f1172733347258a8700bfada72ea4bd0c1d94b71a1a2586aa569e85
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
9512e4cfe0dcf8bbb3b614ea276ff9153c7642c4f641459620a0326d3d925ecd
965a2c31659c544a6a01fbe1bac9958452aa28ccb7ac568867ded1ac95230674
9a3185cc41f5945f68dc88153d000a736bda370f5cbdc0ae219b7ebd16e4fc35
9c114a48864bd8b547cb7fcb951212c52f04dcd79108709f9fe48a7436c38e21
9d224fddb064ca00bdb03e0ee70bfb96f17213427508f3a4b54265b78715b635
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a7c49ca0ba325031366e743d28ff8b9c7e5f2f9cf5edf9787afaffdb5892467c
ab10dddbb65664979fa220ac220948ad7d8020977190d60ad731fa5d257ab68e
ac06ff3870aa71c6686dee69845dfbff5ba2130053893509cdcb4a3f847e45d9
aca516b886f6aa57a0e0db712229facd39f073d53233393bcf8c4d71ef6b4d94
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1deaaf633efa94a89ffc9d1d3a250a352d1741bf8a7974dab0f156f662318b
b236a5281db07ac6d4f4670e1b196f1f5e67f40e85dc5ff760dff2308a324e7c
b44fec7e955719cd5a13d47130d55d9135ffcb16081d91fa30703b0ce4f94248
b9344594f07daaa46fddbacefd07c364b90f488c0a4131ddf0c2990c9ef13ec2
ba3f7f5f275a53da50b81cd5cdb4eb40cd675d3ce5f99eb4ed14700a27bc0930
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c0a2d8d2c814b20e1c9141321c11837e3884dacbc7e0d35f0442a74449922472
c2ef2fcae9df1e0a5b935401327380b91c534ebc71cc44637c27a397ff2b3f29
c301877b8b2159c6bc108da116a07628d485b07a27ce1c543999348d5096f044
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c60b5d79dfb0706547f46fd1e00e48456d4050d3cc50157bf27f52ea0f85a6f1
c6dcc9481bfcab795c220bcaeaaf7b2d62394c458ef0581ed2d567763738a320
c79295fde31afa890e3e9f6b01db6da1a8ba9c5477e2d1a28b56fc002d475cc5
cbeafe46ad324e22710597697da96d24ce003a116d98592bb7ebd8f4b1170f1b
cc01dd9740aea8c862aff612c37ac3516af1ad04d25876e0b512e552c6b0b5b8
ccb110f94c8ba54dccbfe7d197eee701a5d7ba823cf14cd4f65f1c424de8e685
ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c
cf0c411f714a04aa04ddfb95f17dc6f71b9e2737807a06de756e096cba4b18c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19725decfcfc5b1f9b8e4a54bd60fe18a912884e61049a227d1bef3a8d59f57
d2e3f503299fda463f2244d33bff202c918c16c112954cd9283aacf4ae803e00
d54b302aaeb65b51c2dee27f2260d2e61ce614db3272b77a77b0a77c7763d915
d6409261546efacc5fd0a9030ecac28101ca540ef98e1cc9783b1d565a5bbbc3
d6857e3a404439b135fd525855ef388d94fb482e620ef351f470c40daf67c506
d6d71d1eff114b1fac0c7367e946f7c0bfb8f8a722bd4dfb6bd6ad4a86056039
d892b9b031c0ec5075007c5637987ab3078d778a1d19627c6148014756ec1459
d8a48d03ef562f9248621464a6a0f309cc6402426257e74893c9a5aec9f6ac3f
d8f2c351adcae377cbaa579e2434df7a0232db66dd4c45169a50bf1809dc0ac5
dc090b8c4eb709ca23d9c069d00300b5d77fba57505f84f215fc3cccefb26ef9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee0b2853c994d5be10792538856cf07d6f57b7edf1eac055296c3ce64652227
e35714490f47936b66e98bffb14face34382aae54e5afde6cf628a5f21d8d3c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e3ce99eeb7e0287b1a4fc169251b820a57fe0ed2ea868dcff6713fdd606828
e5935a95aed11457282ccb9965f55714bc9a6534120af85999792e445437db17
e8028afce06a57f18b8f8807727f318a65d8e0b39bd323c1c9989a0f22d260f7
e8956342fc19ff4ae2ecf999bc570956c4965d72da221c51c76259587677e7dd
eaeb0084f6d79f4f879068b7cda620cf842d7701df744d782721da472d99a549
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
eebde89fdef9d47e50031a0b332b54801cae11dbb050654c103a11331d9dddc6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fd1b848f3baa9902a630990dd350033d304bd02c6d3aadb39ca254edaabea4
f2257d5dcff45e05bb9d046829b14c16dc3751a2e620af325231c44506d63f1a
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f575fc7bdab442f505c7681f37791e44ffc4152484c29fc4398d4b322b62cb6d
fb4b0288e6a42913d8d814e8231e35138e3d785c1ed7320a87f5a923f0c44225
fe00417daf974a88fda7c29bd8a4f3928a312ed666bf6046d40d55dcd75703d8
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ff82e745b457a03c8dc6f962fae8f7478dfa985c0861d52d416b0677a66801a8

www.carmax.com Open in urlscan Pro 2a02:26f0:7100:8ad::1c4e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

214 Requests

97 %HTTPS

60 %IPv6

25 Domains

37 Subdomains

35 IPs

6 Countries

12011 kBTransfer

18350 kBSize

42 Cookies

7 Outgoing links

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.carmax.com Open in urlscan Pro
2a02:26f0:7100:8ad::1c4e Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

97 %
HTTPS

60 %
IPv6

25
Domains

37
Subdomains

35
IPs

6
Countries

12011 kB
Transfer

18350 kB
Size

42
Cookies

214 HTTP transactions
6 data transactions